From be5f38adea89bdb95be359aea3d97615b6b530a3 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sun, 31 Jan 2010 14:03:32 -0800 Subject: Minor l10n message cleanup. Avoid
in messages since the server normalizes them to
, i.e. leading to a mismatch. --- modules/gallery/views/upgrader.html.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/views/upgrader.html.php b/modules/gallery/views/upgrader.html.php index 6cf0068d..4490557c 100644 --- a/modules/gallery/views/upgrader.html.php +++ b/modules/gallery/views/upgrader.html.php @@ -112,7 +112,9 @@

- %name in your gallery3/var/tmp directory.", array("name" => "$upgrade_token")) ?> + %name in your %tmp_dir_path directory.", + array("name" => "$upgrade_token", + "tmp_dir_path" => "gallery3/var/tmp")) ?>

"> -- cgit v1.2.3 From 1f51d663a0d651cfc8ff172357ce1b57823f8480 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 3 Feb 2010 08:18:53 -0800 Subject: Correct missing function name. --- modules/gallery/helpers/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php index 717cf40a..45561861 100644 --- a/modules/gallery/helpers/auth.php +++ b/modules/gallery/helpers/auth.php @@ -102,7 +102,7 @@ class auth_Core { /** * Clear any failed logins for this user */ - static function clear_failed_logins($user) { + static function clear_failed_auth_attempts($user) { db::build() ->delete("failed_logins") ->where("name", "=", $user->name) -- cgit v1.2.3 From 5c0c33782d7dd3556adecb9593f25f2cff06401a Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 6 Feb 2010 12:19:55 -0800 Subject: Fix for ticket 892: Avoid double escaping of HTML entities, instead use Unicode in the source code for the locale names (as we do in other places already). Note: Also fixing the localized name of Ukrainian. For some reason it was garbled before. --- modules/gallery/helpers/locales.php | 88 ++++++++++++++++++------------------- 1 file changed, 44 insertions(+), 44 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index dc32b12f..d209d414 100644 --- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php 
@@ -63,50 +63,50 @@ class locales_Core { // @todo Might want to add a localizable language name as well. private static function _init_language_data() { - $l["af_ZA"] = "Afrikaans"; // Afrikaans - $l["ar_SA"] = "العربية"; // Arabic - $l["be_BY"] = "Беларускі"; // Belarusian - $l["bg_BG"] = "Български"; // Bulgarian - $l["ca_ES"] = "Catalan"; // Catalan - $l["cs_CZ"] = "Česky"; // Czech - $l["da_DK"] = "Dansk"; // Danish - $l["de_DE"] = "Deutsch"; // German - $l["el_GR"] = "Greek"; // Greek - $l["en_GB"] = "English (UK)"; // English (UK) - $l["en_US"] = "English (US)"; // English (US) - $l["es_AR"] = "Español (AR)"; // Spanish (AR) - $l["es_ES"] = "Español"; // Spanish (ES) - $l["es_MX"] = "Español (MX)"; // Spanish (MX) - $l["et_EE"] = "Eesti"; // Estonian - $l["eu_ES"] = "Euskara"; // Basque - $l["fa_IR"] = "فارسي"; // Farsi - $l["fi_FI"] = "Suomi"; // Finnish - $l["fr_FR"] = "Français"; // French - $l["ga_IE"] = "Gaeilge"; // Irish - $l["he_IL"] = "עברית"; // Hebrew - $l["hu_HU"] = "Magyar"; // Hungarian - $l["is_IS"] = "Icelandic"; // Icelandic - $l["it_IT"] = "Italiano"; // Italian - $l["ja_JP"] = "日本語"; // Japanese - $l["ko_KR"] = "한국말"; // Korean - $l["lt_LT"] = "Lietuvių"; // Lithuanian - $l["lv_LV"] = "Latviešu"; // Latvian - $l["nl_NL"] = "Nederlands"; // Dutch - $l["no_NO"] = "Norsk bokmål"; // Norwegian - $l["pl_PL"] = "Polski"; // Polish - $l["pt_BR"] = "Português Brasileiro"; // Portuguese (BR) - $l["pt_PT"] = "Português"; // Portuguese (PT) - $l["ro_RO"] = "Română"; // Romanian - $l["ru_RU"] = "Русский"; // Russian - $l["sk_SK"] = "Slovenčina"; // Slovak - $l["sl_SI"] = "Slovenščina"; // Slovenian - $l["sr_CS"] = "Srpski"; // Serbian - $l["sv_SE"] = "Svenska"; // Swedish - $l["tr_TR"] = "Türkçe"; // Turkish - $l["uk_UA"] = "Українська"; // Ukrainian - $l["vi_VN"] = "Tiếng Việt"; // Vietnamese - $l["zh_CN"] = "简体中文"; // Chinese (CN) - $l["zh_TW"] = "繁體中文"; // Chinese (TW) + $l["af_ZA"] = "Afrikaans"; // Afrikaans + $l["ar_SA"] = "العربي"; // Arabic + 
$l["be_BY"] = "Беларускі"; // Belarusian + $l["bg_BG"] = "български"; // Bulgarian + $l["ca_ES"] = "Catalan"; // Catalan + $l["cs_CZ"] = "čeština"; // Czech + $l["da_DK"] = "Dansk"; // Danish + $l["de_DE"] = "Deutsch"; // German + $l["el_GR"] = "Greek"; // Greek + $l["en_GB"] = "English (UK)"; // English (UK) + $l["en_US"] = "English (US)"; // English (US) + $l["es_AR"] = "Español (AR)"; // Spanish (AR) + $l["es_ES"] = "Español"; // Spanish (ES) + $l["es_MX"] = "Español (MX)"; // Spanish (MX) + $l["et_EE"] = "Eesti"; // Estonian + $l["eu_ES"] = "Euskara"; // Basque + $l["fa_IR"] = "فارس"; // Farsi + $l["fi_FI"] = "Suomi"; // Finnish + $l["fr_FR"] = "Français"; // French + $l["ga_IE"] = "Gaeilge"; // Irish + $l["he_IL"] = "עברית"; // Hebrew + $l["hu_HU"] = "Magyar"; // Hungarian + $l["is_IS"] = "Icelandic"; // Icelandic + $l["it_IT"] = "Italiano"; // Italian + $l["ja_JP"] = "日本語"; // Japanese + $l["ko_KR"] = "한국어"; // Korean + $l["lt_LT"] = "Lietuvių"; // Lithuanian + $l["lv_LV"] = "Latviešu"; // Latvian + $l["nl_NL"] = "Nederlands"; // Dutch + $l["no_NO"] = "Norsk bokmål"; // Norwegian + $l["pl_PL"] = "Polski"; // Polish + $l["pt_BR"] = "Português do Brasil"; // Portuguese (BR) + $l["pt_PT"] = "Português ibérico"; // Portuguese (PT) + $l["ro_RO"] = "Română"; // Romanian + $l["ru_RU"] = "Русский"; // Russian + $l["sk_SK"] = "Slovenčina"; // Slovak + $l["sl_SI"] = "Slovenščina"; // Slovenian + $l["sr_CS"] = "Srpski"; // Serbian + $l["sv_SE"] = "Svenska"; // Swedish + $l["tr_TR"] = "Türkçe"; // Turkish + $l["uk_UA"] = "українська"; // Ukrainian + $l["vi_VN"] = "Tiếng Việt"; // Vietnamese + $l["zh_CN"] = "简体中文"; // Chinese (CN) + $l["zh_TW"] = "繁體中文"; // Chinese (TW) asort($l, SORT_LOCALE_STRING); self::$locales = $l; -- cgit v1.2.3 From 7099fc71f11ef8d3dd613d96a04a4824a827c714 Mon Sep 17 00:00:00 2001 
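Review bot: On the new side the Arabic and Farsi self-names appear truncated relative to the old side: `ar_SA` goes from "العربية" to "العربي" and `fa_IR` from "فارسي" to "فارس", each losing its final letter, so the language picker would display "Arab"/"Fars" rather than the language names. Unless this is an artifact of how the patch was rendered, restore `$l["ar_SA"] = "العربية";` and `$l["fa_IR"] = "فارسي";` alongside the other Unicode literals. The remaining renamed entries (`čeština`, `한국어`, `Português do Brasil`, lower-case `български`/`українська`) read as deliberate.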
From: Andy Staudacher Date: Sat, 6 Feb 2010 13:05:44 -0800 Subject: Fix for ticket 1004: Replace all uses of split with explode (none actually required regular expressions). Thanks to Brian Hartsock for providing a patch! --- modules/gallery/tests/File_Structure_Test.php | 2 +- modules/tag/controllers/tags.php | 6 +++--- modules/tag/helpers/tag_event.php | 6 +++--- modules/tag/helpers/tag_item_rest.php | 2 +- modules/user/tests/No_Direct_ORM_Access_Test.php | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/tests/File_Structure_Test.php b/modules/gallery/tests/File_Structure_Test.php index 4590e95d..9b2b1480 100644 --- a/modules/gallery/tests/File_Structure_Test.php +++ b/modules/gallery/tests/File_Structure_Test.php @@ -195,7 +195,7 @@ class File_Structure_Test extends Gallery_Unit_Test_Case { foreach ($dir as $file) { $file_as_string = file_get_contents($file); if (preg_match('/\t/', $file_as_string)) { - foreach (split("\n", $file_as_string) as $l => $line) { + foreach (explode("\n", $file_as_string) as $l => $line) { if (preg_match('/\t/', $line)) { $errors[] = "$file:$l has tab(s) ($line)"; } diff --git a/modules/tag/controllers/tags.php b/modules/tag/controllers/tags.php index 1eede907..04400d73 100644 --- a/modules/tag/controllers/tags.php +++ b/modules/tag/controllers/tags.php @@ -60,7 +60,7 @@ class Tags_Controller extends Controller { $form = tag::get_add_form($item); if ($form->validate()) { - foreach (split(",", $form->add_tag->inputs["name"]->value) as $tag_name) { + foreach (explode(",", $form->add_tag->inputs["name"]->value) as $tag_name) { $tag_name = trim($tag_name); if ($tag_name) { $tag = tag::add($item, $tag_name); 
@@ -77,9 +77,9 @@ class Tags_Controller extends Controller { public function autocomplete() { $tags = array(); - $tag_parts = preg_split("#,#", Input::instance()->get("q")); + $tag_parts = explode(",", Input::instance()->get("q")); $limit = Input::instance()->get("limit"); - $tag_part = end($tag_parts); + $tag_part = ltrim(end($tag_parts)); $tag_list = ORM::factory("tag") ->where("name", "LIKE", "{$tag_part}%") ->order_by("name", "ASC") diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index 403ccd52..10075c02 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -34,7 +34,7 @@ class tag_event_Core { if (!empty($iptc["2#025"])) { foreach($iptc["2#025"] as $tag) { $tag = str_replace("\0", "", $tag); - foreach (preg_split("/,/", $tag) as $word) { + foreach (explode(",", $tag) as $word) { $word = trim($word); if (function_exists("mb_detect_encoding") && mb_detect_encoding($word) != "UTF-8") { $word = utf8_encode($word); @@ -82,7 +82,7 @@ class tag_event_Core { static function item_edit_form_completed($item, $form) { tag::clear_all($item); - foreach (preg_split("/,/", $form->edit_item->tags->value) as $tag_name) { + foreach (explode(",", $form->edit_item->tags->value) as $tag_name) { if ($tag_name) { tag::add($item, trim($tag_name)); } @@ -124,7 +124,7 @@ class tag_event_Core { } static function add_photos_form_completed($album, $form) { - foreach (split(",", $form->add_photos->tags->value) as $tag_name) { + foreach (explode(",", $form->add_photos->tags->value) as $tag_name) { $tag_name = trim($tag_name); if ($tag_name) { $tag = tag::add($album, $tag_name); diff --git a/modules/tag/helpers/tag_item_rest.php b/modules/tag/helpers/tag_item_rest.php index 672cec53..fe07fefb 100644 --- a/modules/tag/helpers/tag_item_rest.php +++ b/modules/tag/helpers/tag_item_rest.php 
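Review bot: The trimmed `$tag_part` taken from the `q` query parameter is interpolated straight into the LIKE pattern `"{$tag_part}%"`, so `%` and `_` typed by the client act as wildcards (`q=%` lists every tag) and a trailing backslash is treated as an escape by MySQL; the ORM binding presumably quotes the value but will not neutralise LIKE metacharacters. Escape them before building the pattern, `$tag_part = addcslashes(ltrim(end($tag_parts)), "%_\\");`, or use the query builder's escape helper if it has one. The `limit` parameter is read on the same lines and passed on unchecked; if it reaches the query unclamped, bound it to a small maximum. `autocomplete()` continues past the end of this hunk.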
@@ -34,7 +34,7 @@ class tag_item_rest_Core { } static function resolve($tuple) { - list ($tag_id, $item_id) = split(",", $tuple); + list ($tag_id, $item_id) = explode(",", $tuple); $tag = ORM::factory("tag", $tag_id); $item = ORM::factory("item", $item_id); if (!$tag->loaded() || !$item->loaded() || !$tag->has($item) || !access::can("view", $item)) { diff --git a/modules/user/tests/No_Direct_ORM_Access_Test.php b/modules/user/tests/No_Direct_ORM_Access_Test.php index c372258e..eb7f09b0 100644 --- a/modules/user/tests/No_Direct_ORM_Access_Test.php +++ b/modules/user/tests/No_Direct_ORM_Access_Test.php @@ -31,7 +31,7 @@ class No_Direct_ORM_Access_Test extends Gallery_Unit_Test_Case { //if (basename(dirname($file)) == "helpers") { $file_as_string = file_get_contents($file); if (preg_match("/ORM::factory\\(\"user\"/", $file_as_string)) { - foreach (split("\n", $file_as_string) as $l => $line) { + foreach (explode("\n", $file_as_string) as $l => $line) { if (preg_match('/ORM::factory\\(\"user\"/', $line)) { $errors[] = "$file($l) => $line"; } @@ -54,7 +54,7 @@ class No_Direct_ORM_Access_Test extends Gallery_Unit_Test_Case { foreach ($dir as $file) { $file_as_string = file_get_contents($file); if (preg_match("/ORM::factory\\(\"group\"/", $file_as_string)) { - foreach (split("\n", $file_as_string) as $l => $line) { + foreach (explode("\n", $file_as_string) as $l => $line) { if (preg_match('/ORM::factory\\(\"group\"/', $line)) { $errors[] = "$file($l) => $line"; } -- cgit v1.2.3 From 163391ee391627f9c2b4eac359104809e2706a9b Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 6 Feb 2010 17:43:33 -0800 Subject: Partial fix for ticket 585: Require current password when changing an account's email address. Still leaving the user/group admin page wide open though. --- modules/gallery/views/user_profile.html.php | 3 ++ modules/user/controllers/users.php | 70 ++++++++++++++++++++++++++--- 2 files changed, 68 insertions(+), 5 deletions(-) (limited to 'modules/gallery') 
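Review bot: `list ($tag_id, $item_id) = explode(",", $tuple);` still accepts a malformed tuple: with no comma `$item_id` is unset (PHP notice) and `ORM::factory("item", null)` is attempted, and with extra commas the surplus segments are silently dropped. Validate the shape first, `$parts = explode(",", $tuple); if (count($parts) != 2) { throw new Rest_Exception("Bad Request", 400); } list ($tag_id, $item_id) = $parts;`, using the same exception type the REST layer throws elsewhere in this series. The later `loaded()`/`access::can("view", $item)` checks still run, so this is about noise and clarity rather than an access bypass. `resolve()` continues past the end of this hunk.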
diff --git a/modules/gallery/views/user_profile.html.php b/modules/gallery/views/user_profile.html.php index 78e1c579..1c3e4ea2 100644 --- a/modules/gallery/views/user_profile.html.php +++ b/modules/gallery/views/user_profile.html.php @@ -63,6 +63,9 @@ id}") ?>"> + id}") ?>"> + + diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 166ff8b2..83adc354 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -28,7 +28,6 @@ class Users_Controller extends Controller { try { $valid = $form->validate(); $user->full_name = $form->edit_user->full_name->value; - $user->email = $form->edit_user->email->value; $user->url = $form->edit_user->url->value; if ($user->locale != $form->edit_user->locale->value) { 
@@ -97,6 +96,41 @@ class Users_Controller extends Controller { } } + public function change_email($id) { + $user = user::lookup($id); + if ($user->guest || $user->id != identity::active_user()->id) { + access::forbidden(); + } + + $form = $this->_get_change_email_form($user); + try { + $valid = $form->validate(); + $user->email = $form->change_email->email->value; + $user->validate(); + } catch (ORM_Validation_Exception $e) { + // Translate ORM validation errors into form error messages + foreach ($e->validation->errors() as $key => $error) { + $form->change_email->inputs[$key]->add_error($error, 1); + } + $valid = false; + } + + if ($valid) { + $user->save(); + module::event("user_change_email_form_completed", $user, $form); + message::success(t("Email address changed")); + module::event("user_login", $user); // since there's no user_authenticated event + print json_encode( + array("result" => "success", + "resource" => url::site("users/{$user->id}"))); + } else { + log::warning("user", t("Failed email change for %name", array("name" => $user->name))); + $name = $user->name; + module::event("user_login_failed", $name); + print json_encode(array("result" => "error", "form" => (string) $form)); + } + } + public function form_edit($id) { $user = user::lookup($id); if ($user->guest || $user->id != identity::active_user()->id) { @@ -115,6 +149,15 @@ class Users_Controller extends Controller { print $this->_get_change_password_form($user); } + public function form_change_email($id) { + $user = user::lookup($id); + if ($user->guest || $user->id != identity::active_user()->id) { + access::forbidden(); + } + + print $this->_get_change_email_form($user); + } + private function _get_change_password_form($user) { $form = new Forge( "users/change_password/$user->id", "", "post", array("id" => "g-change-password-user-form")); 
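Review bot: On the success path `change_email` fires `module::event("user_login", $user)` only to reset the failed-attempt counter (the inline comment concedes there is no authenticated-only event), so every listener that treats user_login as a real session login also runs on a plain email change. A dedicated event fired from here and handled next to user_login in gallery_event, e.g. `module::event("user_auth_succeeded", $user);` with a handler that clears the failed attempts, keeps the lockout reset without those side effects. The guard `$user->guest || $user->id != identity::active_user()->id` assumes `user::lookup($id)` never returns null; if it can, `$user->guest` faults before `access::forbidden()` is reached, which is worth confirming against the helper.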
@@ -140,16 +183,33 @@ class Users_Controller extends Controller { return $form; } + private function _get_change_email_form($user) { + $form = new Forge( + "users/change_email/$user->id", "", "post", array("id" => "g-change-email-user-form")); + $group = $form->group("change_email")->label(t("Change your email address")); + $group->password("password")->label(t("Current password"))->id("g-password") + ->callback("auth::validate_too_many_failed_password_changes") + ->callback("user::valid_password") + ->error_messages("invalid", t("Incorrect password")) + ->error_messages( + "too_many_failed_password_changes", + t("Too many incorrect passwords. Try again later")); + $group->input("email")->label(t("New email address"))->id("g-email")->value($user->email) + ->error_messages("email", t("You must enter a valid email address")) + ->error_messages("length", t("Your email address is too long")) + ->error_messages("required", t("You must enter a valid email address")); + + module::event("user_change_password_form", $user, $form); + $group->submit("")->value(t("Save")); + return $form; + } + private function _get_edit_form($user) { $form = new Forge("users/update/$user->id", "", "post", array("id" => "g-edit-user-form")); $group = $form->group("edit_user")->label(t("Edit your profile")); $group->input("full_name")->label(t("Full Name"))->id("g-fullname")->value($user->full_name) ->error_messages("length", t("Your name is too long")); self::_add_locale_dropdown($group, $user); - $group->input("email")->label(t("Email"))->id("g-email")->value($user->email) - ->error_messages("email", t("You must enter a valid email address")) - ->error_messages("length", t("Your email address is too long")) - ->error_messages("required", t("You must enter a valid email address")); $group->input("url")->label(t("URL"))->id("g-url")->value($user->url); module::event("user_edit_form", $user, $form); -- cgit v1.2.3 From 2c3c126aafaa4d7ed86075927887636042117a1c Mon Sep 17 00:00:00 2001 
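Review bot: `_get_change_email_form` fires `module::event("user_change_password_form", $user, $form);`, which looks copied from the password form: modules that customise the password-change form would receive the email form instead, and the completion event fired from `change_email` is `user_change_email_form_completed`, so the pair is inconsistent. Change it to `module::event("user_change_email_form", $user, $form);`. The current-password field wired to `user::valid_password` and the lockout callback is the right shape for a sensitive change; prefilling the new-address input with `$user->email` is fine.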
From: Andy Staudacher Date: Sat, 6 Feb 2010 20:07:58 -0800 Subject: Fix ticket 930: Use the first frame as video thumbnail if the video is shorter than 3 seconds. And fall back to the default thumbnail if that operation fails. Thanks to lsowen for providing a patch! --- modules/gallery/helpers/movie.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php index 7033b7da..3c494e96 100644 --- a/modules/gallery/helpers/movie.php +++ b/modules/gallery/helpers/movie.php @@ -84,6 +84,20 @@ class movie_Core { " -an -ss 00:00:03 -an -r 1 -vframes 1" . " -y -f mjpeg " . escapeshellarg($output_file) . " 2>&1"; exec($cmd); + + clearstatcache(); // use $filename parameter when PHP_version is 5.3+ + if (filesize($output_file) == 0) { + // Maybe the movie is shorter, fall back to the first frame. + $cmd = escapeshellcmd($ffmpeg) . " -i " . escapeshellarg($input_file) . + " -an -an -r 1 -vframes 1" . + " -y -f mjpeg " . escapeshellarg($output_file) . " 2>&1"; + exec($cmd); + + clearstatcache(); + if (filesize($output_file) == 0) { + throw new Exception("@todo FFMPEG_FAILED"); + } + } } static function find_ffmpeg() { -- cgit v1.2.3 From adac97b5372322be5154996974a6496198105d16 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 7 Feb 2010 08:28:32 -0800 Subject: Add prefix support for the target of RENAME TABLE. --- modules/gallery/libraries/MY_Database.php | 9 ++++++++- modules/gallery/tests/Database_Test.php | 7 +++++++ 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/libraries/MY_Database.php b/modules/gallery/libraries/MY_Database.php index e2ef68cd..cb70104a 100644 --- a/modules/gallery/libraries/MY_Database.php +++ b/modules/gallery/libraries/MY_Database.php 
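Review bot: `filesize($output_file) == 0` is evaluated even when ffmpeg never created the file; `filesize` then returns false with a PHP warning, which happens to compare equal to 0 so the fallback runs, but the warning lands in the log on every short or unreadable movie. Guard explicitly in both places, `if (!file_exists($output_file) || filesize($output_file) == 0)`. Both `exec($cmd)` calls also discard ffmpeg's output even though `2>&1` redirects stderr for that purpose; capture it with `exec($cmd, $output, $status)` and include it in the thrown exception so a failed thumbnail is diagnosable. The enclosing function starts before this hunk.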
@@ -54,11 +54,18 @@ abstract class Database extends Database_Core {
 */
 return $sql;
 } else if (strpos($sql, "CREATE TABLE") === 0) {
- // Creating a new table add it to the table cache.
+ // Creating a new table; add it to the table cache.
 $open_brace = strpos($sql, "{") + 1;
 $close_brace = strpos($sql, "}", $open_brace);
 $name = substr($sql, $open_brace, $close_brace - $open_brace);
 $this->_table_names["{{$name}}"] = "{$prefix}$name";
+ } else if (strpos($sql, "RENAME TABLE") === 0) {
+ // Renaming a table; add it to the table cache.
+ // You must use the form "TO {new_table_name}" exactly for this to work.
+ $open_brace = strpos($sql, "TO {") + 4;
+ $close_brace = strpos($sql, "}", $open_brace);
+ $name = substr($sql, $open_brace, $close_brace - $open_brace);
+ $this->_table_names["{{$name}}"] = "{$prefix}$name";
 }
 if (!isset($this->_table_names)) {
diff --git a/modules/gallery/tests/Database_Test.php b/modules/gallery/tests/Database_Test.php
index 861f7bba..730785e2 100644
--- a/modules/gallery/tests/Database_Test.php
+++ b/modules/gallery/tests/Database_Test.php
@@ -130,6 +130,13 @@ class Database_Test extends Gallery_Unit_Test_Case {
 $this->assert_same($expected, $sql);
 }
+ function prefix_replacement_for_rename_table_test() {
+ $db = Database::instance("mock");
+ $this->assert_same(
+ "RENAME TABLE g_test TO g_new_test",
+ $db->add_table_prefixes("RENAME TABLE {test} TO {new_test}"));
+ }
+
 function prefix_no_replacement_test() {
 $sql = db::build("mock")
 ->from("test_tables")
-- cgit v1.2.3
From aff5d1cef4cc2514fe6d714788fffcf418d8fc5b Mon Sep 17 00:00:00 2001
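Review bot: In the new `RENAME TABLE` branch, `strpos($sql, "TO {") + 4` is computed even when the statement does not use the documented `TO {name}` form: strpos returns false, `false + 4` is 4, and the branch then caches an arbitrary substring of the SQL as a prefixed table name. Make the precondition a check rather than a comment, e.g. `$pos = strpos($sql, "TO {"); if ($pos === false) { throw new Exception("RENAME TABLE must use the form TO {name}"); } $open_brace = $pos + 4;`. The CREATE TABLE branch above has the same latent pattern, but that is pre-existing. Nothing removes the old name from `_table_names`, which is harmless but means stale entries persist for the request.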
From: Bharat Mediratta Date: Sun, 7 Feb 2010 08:45:10 -0800 Subject: Create the concept of a "failed authentication" as semantically separate from a successful or failed login. 1) Rename user_login_failed event to user_authenticate_failed 2) Rename failed_logins table to failed_auth (bump Gallery module to v27 to rename the table) 3) auth::too_many_failed_logins -> auth::too_many_failures 4) auth::record_failed_auth_attempts -> auth::record_failed_attempts auth::clear_failed_auth_attempts -> auth::clear_failed_attempts --- modules/gallery/controllers/login.php | 2 +- modules/gallery/helpers/auth.php | 41 +++++++++++++-------------- modules/gallery/helpers/gallery_event.php | 14 ++++----- modules/gallery/helpers/gallery_installer.php | 9 ++++-- modules/gallery/models/failed_auth.php | 20 +++++++++++++ modules/gallery/models/failed_login.php | 20 ------------- modules/gallery/module.info | 2 +- modules/rest/controllers/rest.php | 2 +- modules/user/controllers/users.php | 7 +++-- 9 files changed, 59 insertions(+), 58 deletions(-) create mode 100644 modules/gallery/models/failed_auth.php delete mode 100644 modules/gallery/models/failed_login.php (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index 1426f0d8..fa175ac8 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -65,7 +65,7 @@ class Login_Controller extends Controller { $form->login->inputs["name"]->add_error("invalid_login", 1); $name = $form->login->inputs["name"]->value; log::warning("user", t("Failed login for %name", array("name" => $name))); - module::event("user_login_failed", $name); + module::event("user_authenticate_failed", $name); $valid = false; } } diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php index 45561861..2c1e3f67 100644 --- a/modules/gallery/helpers/auth.php +++ b/modules/gallery/helpers/auth.php 
@@ -20,7 +20,7 @@ class auth_Core { static function get_login_form($url) { $form = new Forge($url, "", "post", array("id" => "g-login-form")); - $form->set_attr('class', "g-narrow"); + $form->set_attr("class", "g-narrow"); $group = $form->group("login")->label(t("Login")); $group->input("name")->label(t("Username"))->id("g-username")->class(null) ->callback("auth::validate_too_many_failed_logins") 
@@ -60,52 +60,51 @@ class auth_Core { } /** - * After there have been 5 failed login attempts, any failure leads to getting locked out for a + * After there have been 5 failed auth attempts, any failure leads to getting locked out for a * minute. */ - static function too_many_failed_logins($name) { - $failed_login = ORM::factory("failed_login") + static function too_many_failures($name) { + $failed = ORM::factory("failed_auth") ->where("name", "=", $name) ->find(); - return ($failed_login->loaded() && - $failed_login->count > 5 && - (time() - $failed_login->time < 60)); + return ($failed->loaded() && + $failed->count > 5 && + (time() - $failed->time < 60)); } static function validate_too_many_failed_logins($name_input) { - if (self::too_many_failed_logins($name_input->value)) { + if (self::too_many_failures($name_input->value)) { $name_input->add_error("too_many_failed_logins", 1); } } static function validate_too_many_failed_password_changes($password_input) { - if (self::too_many_failed_logins(identity::active_user()->name)) { + if (self::too_many_failures(identity::active_user()->name)) { $password_input->add_error("too_many_failed_password_changes", 1); } } /** - * Record a failed login for this user + * Record a failed authentication for this user */ - static function record_failed_auth_attempts($name) { - $failed_login = ORM::factory("failed_login") + static function record_failed_attempt($name) { + $failed = ORM::factory("failed_auth") ->where("name", "=", $name) ->find(); - if (!$failed_login->loaded()) { - $failed_login->name = $name; + if (!$failed->loaded()) { + $failed->name = $name; } - $failed_login->time = time(); - $failed_login->count++; - $failed_login->save(); + $failed->time = time(); + $failed->count++; + $failed->save(); } /** * Clear any failed logins for this user */ - static function clear_failed_auth_attempts($user) { - db::build() - ->delete("failed_logins") + static function clear_failed_attempts($user) { + ORM::factory("failed_auth") 
->where("name", "=", $user->name) - ->execute(); + ->delete_all(); } } \ No newline at end of file diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 7b538c49..9ce30929 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -110,19 +110,15 @@ class gallery_event_Core { graphics::choose_default_toolkit(); module::clear_var("gallery", "choose_default_tookit"); } - auth::clear_failed_auth_attempts($user); + auth::clear_failed_attempts($user); } - static function user_login_failed($name) { - auth::record_failed_auth_attempts($name); + static function user_authenticate_failed($name) { + auth::record_failed_attempt($name); } - static function user_password_changed($user) { - auth::clear_failed_auth_attempts($user); - } - - static function user_password_change_failed($name) { - auth::record_failed_auth_attempts($name); + static function user_authenticate($user) { + auth::clear_failed_attempts($user); } static function item_index_data($item, $data) { diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 761843b0..05354f81 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -42,7 +42,7 @@ class gallery_installer { KEY (`tags`)) DEFAULT CHARSET=utf8;"); - $db->query("CREATE TABLE {failed_logins} ( + $db->query("CREATE TABLE {failed_auth} ( `id` int(9) NOT NULL auto_increment, `count` int(9) NOT NULL, `name` varchar(255) NOT NULL, @@ -526,6 +526,11 @@ class gallery_installer { ->execute(); module::set_version("gallery", $version = 26); } + + if ($version == 26) { + $db->query("RENAME TABLE {failed_logins} TO {failed_auths}"); + module::set_version("gallery", $version = 27); + } } static function uninstall() { 
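Review bot: The fresh-install path now creates `{failed_auth}` (singular) while the upgrade step renames to `{failed_auths}` and `uninstall()` drops `{failed_auths}`; since the earlier `failed_login` model mapped to a `failed_logins` table, the new `failed_auth` model will presumably look for `failed_auths`, so a new install at version 27 gets a table the model cannot find and every lockout check errors. Change the install statement to `$db->query("CREATE TABLE {failed_auths} (`. The `$version == 26` rename also depends on `RENAME TABLE` prefix support in `Database::add_table_prefixes`, so that change must ship no later than this one.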
@@ -534,7 +539,7 @@ class gallery_installer { $db->query("DROP TABLE IF EXISTS {access_intents}"); $db->query("DROP TABLE IF EXISTS {graphics_rules}"); $db->query("DROP TABLE IF EXISTS {incoming_translations}"); - $db->query("DROP TABLE IF EXISTS {failed_logins}"); + $db->query("DROP TABLE IF EXISTS {failed_auths}"); $db->query("DROP TABLE IF EXISTS {items}"); $db->query("DROP TABLE IF EXISTS {logs}"); $db->query("DROP TABLE IF EXISTS {modules}"); diff --git a/modules/gallery/models/failed_auth.php b/modules/gallery/models/failed_auth.php new file mode 100644 index 00000000..3c25f9d8 --- /dev/null +++ b/modules/gallery/models/failed_auth.php @@ -0,0 +1,20 @@ +post("user"); $password = Input::instance()->post("password"); - if (empty($username) || auth::too_many_failed_logins($username)) { + if (empty($username) || auth::too_many_failures($username)) { throw new Rest_Exception("Forbidden", 403); } diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 83adc354..2675d918 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -84,6 +84,7 @@ class Users_Controller extends Controller { $user->save(); module::event("user_change_password_form_completed", $user, $form); message::success(t("Password changed")); + module::event("user_authenticate", $user); module::event("user_password_change", $user); print json_encode( array("result" => "success", @@ -91,7 +92,7 @@ class Users_Controller extends Controller { } else { log::warning("user", t("Failed password change for %name", array("name" => $user->name))); $name = $user->name; - module::event("user_password_change_failed", $name); + module::event("user_authenticate_failed", $name); print json_encode(array("result" => "error", "form" => (string) $form)); } } 
@@ -119,14 +120,14 @@ class Users_Controller extends Controller { $user->save(); module::event("user_change_email_form_completed", $user, $form); message::success(t("Email address changed")); - module::event("user_login", $user); // since there's no user_authenticated event + module::event("user_authenticate", $user); print json_encode( array("result" => "success", "resource" => url::site("users/{$user->id}"))); } else { log::warning("user", t("Failed email change for %name", array("name" => $user->name))); $name = $user->name; - module::event("user_login_failed", $name); + module::event("user_authenticate_failed", $name); print json_encode(array("result" => "error", "form" => (string) $form)); } } -- cgit v1.2.3 From eda6e3af06aa51281e614ae9a5e7b4ad4fbbae17 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 7 Feb 2010 08:49:37 -0800 Subject: Rename user_authenticate_xxx events to user_auth_xxx for brevity. --- modules/gallery/controllers/login.php | 2 +- modules/gallery/helpers/gallery_event.php | 4 ++-- modules/user/controllers/users.php | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index fa175ac8..5a08b693 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -65,7 +65,7 @@ class Login_Controller extends Controller { $form->login->inputs["name"]->add_error("invalid_login", 1); $name = $form->login->inputs["name"]->value; log::warning("user", t("Failed login for %name", array("name" => $name))); - module::event("user_authenticate_failed", $name); + module::event("user_auth_failed", $name); $valid = false; } } diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 9ce30929..5fa82160 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php 
@@ -113,11 +113,11 @@ class gallery_event_Core { auth::clear_failed_attempts($user); } - static function user_authenticate_failed($name) { + static function user_auth_failed($name) { auth::record_failed_attempt($name); } - static function user_authenticate($user) { + static function user_auth($user) { auth::clear_failed_attempts($user); } diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 2675d918..1130852b 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -84,7 +84,7 @@ class Users_Controller extends Controller { $user->save(); module::event("user_change_password_form_completed", $user, $form); message::success(t("Password changed")); - module::event("user_authenticate", $user); + module::event("user_auth", $user); module::event("user_password_change", $user); print json_encode( array("result" => "success", @@ -92,7 +92,7 @@ class Users_Controller extends Controller { } else { log::warning("user", t("Failed password change for %name", array("name" => $user->name))); $name = $user->name; - module::event("user_authenticate_failed", $name); + module::event("user_auth_failed", $name); print json_encode(array("result" => "error", "form" => (string) $form)); } } @@ -120,14 +120,14 @@ class Users_Controller extends Controller { $user->save(); module::event("user_change_email_form_completed", $user, $form); message::success(t("Email address changed")); - module::event("user_authenticate", $user); + module::event("user_auth", $user); print json_encode( array("result" => "success", "resource" => url::site("users/{$user->id}"))); } else { log::warning("user", t("Failed email change for %name", array("name" => $user->name))); $name = $user->name; - module::event("user_authenticate_failed", $name); + module::event("user_auth_failed", $name); print json_encode(array("result" => "error", "form" => (string) $form)); } } -- cgit v1.2.3 
From b6c0d3a48ca4fa9296b23a1c4d73fb0573f1b92f Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sun, 7 Feb 2010 13:55:17 -0800 Subject: Refactor the is_rtl() helper into the Gallery_I18n class. This allows checking for a config value "force_rtl" which will layout the gallery pages in rtl mode without having to change to an language that is no longer understandable to the developer. Adding the line "$config['force_rtl'] = true;" to the config/locales.php file will make it happen. --- modules/gallery/helpers/locales.php | 4 +--- modules/gallery/libraries/Gallery_I18n.php | 10 ++++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index d209d414..4af750a3 100644 --- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php @@ -131,9 +131,7 @@ class locales_Core { } static function is_rtl($locale=null) { - $locale or $locale = Gallery_I18n::instance()->locale(); - list ($language, $territory) = explode('_', $locale . "_"); - return in_array($language, array("he", "fa", "ar")); + return Gallery_I18n::instance()->is_rtl($locale); } /** diff --git a/modules/gallery/libraries/Gallery_I18n.php b/modules/gallery/libraries/Gallery_I18n.php index 4e0c1f82..1eacad5b 100644 --- a/modules/gallery/libraries/Gallery_I18n.php +++ b/modules/gallery/libraries/Gallery_I18n.php @@ -87,6 +87,16 @@ class Gallery_I18n_Core { return $this->_config['default_locale']; } + public function is_rtl($locale=null) { + $is_rtl = !empty($this->_config["force_rtl"]) and $this->_config["force_rtl"]; + if (empty($is_rtl)) { + $locale or $locale = $this->locale(); + list ($language, $territory) = explode('_', $locale . "_"); + $is_rtl = in_array($language, array("he", "fa", "ar")); + } + return $is_rtl; + } + /** * Translates a localizable message. * -- cgit v1.2.3 From 6783de24572eb3a84dd43d125686b5f1df33f305 Mon Sep 17 00:00:00 2001 
From: Tim Almdal Date: Sun, 7 Feb 2010 14:17:58 -0800 Subject: Remove the redundant reference to ["force_rtl". --- modules/gallery/libraries/Gallery_I18n.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/libraries/Gallery_I18n.php b/modules/gallery/libraries/Gallery_I18n.php index 1eacad5b..cfed046a 100644 --- a/modules/gallery/libraries/Gallery_I18n.php +++ b/modules/gallery/libraries/Gallery_I18n.php @@ -88,7 +88,7 @@ class Gallery_I18n_Core { } public function is_rtl($locale=null) { - $is_rtl = !empty($this->_config["force_rtl"]) and $this->_config["force_rtl"]; + $is_rtl = !empty($this->_config["force_rtl"]); if (empty($is_rtl)) { $locale or $locale = $this->locale(); list ($language, $territory) = explode('_', $locale . "_"); -- cgit v1.2.3 From 370e0e2f32e5092e1655116edbea9a607c6ed85a Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sun, 7 Feb 2010 15:02:41 -0800 Subject: Fix installer code for version 27, and introduce new module variable in version 28 as a preparation for admin area compartmentalization. --- installer/install.sql | 11 ++++++----- modules/gallery/helpers/gallery_installer.php | 11 +++++++++-- modules/gallery/module.info | 2 +- 3 files changed, 16 insertions(+), 8 deletions(-) (limited to 'modules/gallery') diff --git a/installer/install.sql b/installer/install.sql index 20b632fa..1f21ad4e 100644 --- a/installer/install.sql +++ b/installer/install.sql @@ -74,10 +74,10 @@ CREATE TABLE {comments} ( PRIMARY KEY (`id`) ) DEFAULT CHARSET=utf8; SET character_set_client = @saved_cs_client; -DROP TABLE IF EXISTS {failed_logins}; +DROP TABLE IF EXISTS {failed_auths}; SET @saved_cs_client = @@character_set_client; SET character_set_client = utf8; -CREATE TABLE {failed_logins} ( +CREATE TABLE {failed_auths} ( `id` int(9) NOT NULL auto_increment, `count` int(9) NOT NULL, `name` varchar(255) NOT NULL, 
@@ -239,8 +239,8 @@ CREATE TABLE {modules} ( UNIQUE KEY `name` (`name`) ) AUTO_INCREMENT=10 DEFAULT CHARSET=utf8; SET character_set_client = @saved_cs_client; -INSERT INTO {modules} VALUES (1,1,'gallery',25); -INSERT INTO {modules} VALUES (2,1,'user',2); +INSERT INTO {modules} VALUES (1,1,'gallery',28); +INSERT INTO {modules} VALUES (2,1,'user',3); INSERT INTO {modules} VALUES (3,1,'comment',2); INSERT INTO {modules} VALUES (4,1,'organize',1); INSERT INTO {modules} VALUES (5,1,'info',1); @@ -377,7 +377,7 @@ CREATE TABLE {vars} ( `value` text, PRIMARY KEY (`id`), UNIQUE KEY `module_name` (`module_name`,`name`) -) AUTO_INCREMENT=39 DEFAULT CHARSET=utf8; +) AUTO_INCREMENT=40 DEFAULT CHARSET=utf8; SET character_set_client = @saved_cs_client; INSERT INTO {vars} VALUES (NULL,'gallery','active_site_theme','wind'); INSERT INTO {vars} VALUES (NULL,'gallery','active_admin_theme','admin_wind'); @@ -391,6 +391,7 @@ INSERT INTO {vars} VALUES (NULL,'gallery','time_format','H:i:s'); INSERT INTO {vars} VALUES (NULL,'gallery','show_credits','1'); INSERT INTO {vars} VALUES (NULL,'gallery','credits','Powered by Gallery %version'); INSERT INTO {vars} VALUES (NULL,'gallery','simultaneous_upload_limit','5'); +INSERT INTO {vars} VALUES (NULL,'gallery','admin_area_timeout','1200'); INSERT INTO {vars} VALUES (NULL,'gallery','blocks_dashboard_sidebar','a:4:{i:2;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"block_adder\";}i:3;a:2:{i:0;s:7:\"gallery\";i:1;s:5:\"stats\";}i:4;a:2:{i:0;s:7:\"gallery\";i:1;s:13:\"platform_info\";}i:5;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"project_news\";}}'); INSERT INTO {vars} VALUES (NULL,'gallery','date_time_format','Y-M-d H:i:s'); INSERT INTO {vars} VALUES (NULL,'gallery','date_format','Y-M-d'); diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 05354f81..ed4a62a5 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php 
@@ -42,7 +42,7 @@ class gallery_installer { KEY (`tags`)) DEFAULT CHARSET=utf8;"); - $db->query("CREATE TABLE {failed_auth} ( + $db->query("CREATE TABLE {failed_auths} ( `id` int(9) NOT NULL auto_increment, `count` int(9) NOT NULL, `name` varchar(255) NOT NULL, @@ -287,7 +287,8 @@ class gallery_installer { // @todo this string needs to be picked up by l10n_scanner module::set_var("gallery", "credits", "Powered by Gallery %version"); module::set_var("gallery", "simultaneous_upload_limit", 5); - module::set_version("gallery", 26); + module::set_var("gallery", "admin_area_timeout", 20 * 60); + module::set_version("gallery", 28); } static function upgrade($version) { @@ -531,6 +532,12 @@ class gallery_installer { $db->query("RENAME TABLE {failed_logins} TO {failed_auths}"); module::set_version("gallery", $version = 27); } + + if ($version == 27) { + // Set the admin area timeout to 20 minutes + module::set_var("gallery", "admin_area_timeout", 20 * 60); + module::set_version("gallery", $version = 28); + } } static function uninstall() { diff --git a/modules/gallery/module.info b/modules/gallery/module.info index dac9e6ed..ae300399 100644 --- a/modules/gallery/module.info +++ b/modules/gallery/module.info @@ -1,3 +1,3 @@ name = "Gallery 3" description = "Gallery core application" -version = 27 +version = 28 -- cgit v1.2.3 From f93528ffab19b7a733fc8fb21c22853d8ec0d2f5 Mon Sep 17 00:00:00 2001 
From: Andy Staudacher Date: Sun, 7 Feb 2010 15:37:32 -0800 Subject: Last partial fix for ticket 585: Compartmentalize the admin area and require active authentication every 20 minutes to access the admin area. Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now. --- modules/gallery/controllers/admin.php | 6 ++- modules/gallery/controllers/reauthenticate.php | 72 ++++++++++++++++++++++++++ modules/gallery/helpers/auth.php | 27 +++++++++- modules/gallery/helpers/gallery_event.php | 2 + modules/gallery/views/reauthenticate.html.php | 10 ++++ modules/user/controllers/users.php | 8 +-- 6 files changed, 118 insertions(+), 7 deletions(-) create mode 100644 modules/gallery/controllers/reauthenticate.php create mode 100644 modules/gallery/views/reauthenticate.html.php (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index e4216991..b5f3db39 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -21,7 +21,7 @@ class Admin_Controller extends Controller { private $theme; public function __construct($theme=null) { - if (!(identity::active_user()->admin)) { + if (!identity::active_user()->admin) { access::forbidden(); } @@ -29,6 +29,10 @@ class Admin_Controller extends Controller { } public function __call($controller_name, $args) { + if (auth::must_reauth_for_admin_area()) { + return url::redirect("reauthenticate"); + } + if (request::method() == "post") { access::verify_csrf(); } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php new file mode 100644 index 00000000..4b88a9cc --- /dev/null +++ b/modules/gallery/controllers/reauthenticate.php 
@@ -0,0 +1,72 @@ +admin) { + access::forbidden(); + } + return self::_show_form(self::_form()); + } + + public function auth() { + if (!identity::active_user()->admin) { + access::forbidden(); + } + access::verify_csrf(); + + $form = self::_form(); + $valid = $form->validate(); + $user = identity::active_user(); + if ($valid) { + message::success(t("Successfully re-authenticated!")); + module::event("user_auth", $user); + url::redirect("admin"); + } else { + $name = $user->name; + log::warning("user", t("Failed re-authentication for %name", array("name" => $name))); + module::event("user_auth_failed", $name); + return self::_show_form($form); + } + } + + private static function _show_form($form) { + $view = new Theme_View("page.html", "other", "reauthenticate"); + $view->page_title = t("Re-authenticate"); + $view->content = new View("reauthenticate.html"); + $view->content->form = $form; + $view->content->user_name = identity::active_user()->name; + print $view; + } + + private static function _form() { + $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form")); + $form->set_attr('class', "g-narrow"); + $group = $form->group("reauthenticate")->label(t("Re-authenticate")); + $group->password("password")->label(t("Password"))->id("g-password")->class(null) + ->callback("auth::validate_too_many_failed_auth_attempts") + ->callback("user::valid_password") + ->error_messages("invalid", t("Incorrect password")) + ->error_messages( + "too_many_failed_auth_attempts", + t("Too many incorrect passwords. Try again later")); + $group->submit("")->value(t("Submit")); + return $form; + } +} diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php index 2c1e3f67..c3e9e6e9 100644 --- a/modules/gallery/helpers/auth.php +++ b/modules/gallery/helpers/auth.php 
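Review bot: The `identity::active_user()->admin` guard is duplicated in index() and auth(); Admin_Controller on this page performs the same check once in its constructor, and a constructor guard here would also cover any action added to this controller later without the copy. On the failure branch the only bookkeeping is the log line and `module::event("user_auth_failed", $name)`; I assume that event is what records the attempt for `auth::too_many_failures`, which the form's throttling callback depends on — worth confirming, since otherwise the "too many attempts" check never trips for this form. The file's opening lines (license header and `<?php`) are not visible in this rendering.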
@@ -78,9 +78,9 @@ class auth_Core { } } - static function validate_too_many_failed_password_changes($password_input) { + static function validate_too_many_failed_auth_attempts($form_input) { if (self::too_many_failures(identity::active_user()->name)) { - $password_input->add_error("too_many_failed_password_changes", 1); + $form_input->add_error("too_many_failed_auth_attempts", 1); } } @@ -107,4 +107,27 @@ class auth_Core { ->where("name", "=", $user->name) ->delete_all(); } + + /** + * Checks whether the current user (= admin) must + * actively re-authenticate before access is given + * to the admin area. + */ + static function must_reauth_for_admin_area() { + if (!identity::active_user()->admin) { + access::forbidden(); + } + + $session = Session::instance(); + $last_active_auth = $session->get("active_auth_timestamp", 0); + $last_admin_area_activity = $session->get("admin_area_activity_timestamp", 0); + $admin_area_timeout = module::get_var("gallery", "admin_area_timeout"); + + if (max($last_active_auth, $last_admin_area_activity) + $admin_area_timeout < time()) { + return true; + } + + $session->set("admin_area_activity_timestamp", time()); + return false; + } } \ No newline at end of file diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 5fa82160..63f33c12 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -110,6 +110,7 @@ class gallery_event_Core { graphics::choose_default_toolkit(); module::clear_var("gallery", "choose_default_tookit"); } + Session::instance()->set("active_auth_timestamp", time()); auth::clear_failed_attempts($user); } @@ -119,6 +120,7 @@ class gallery_event_Core { static function user_auth($user) { auth::clear_failed_attempts($user); + Session::instance()->set("active_auth_timestamp", time()); } static function item_index_data($item, $data) { 
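Review bot: must_reauth_for_admin_area() implements an idle timeout rather than the "re-authenticate every 20 minutes" the commit message and docblock describe: `admin_area_activity_timestamp` is refreshed on every admin request that passes the check, so an admin who stays active never re-authenticates. If that sliding window is intended, say so in the docblock, e.g. `* Re-authentication is required after admin_area_timeout seconds without admin-area activity (sliding window), not at a fixed interval.` Separately, `module::get_var("gallery", "admin_area_timeout")` is read without a default; if the variable is unset (version-28 upgrade not run) the comparison degenerates to `max(...) < time()` and re-auth is forced on nearly every request — fail-closed, but a `, 20 * 60` default would make the behaviour explicit. Calling `access::forbidden()` inside a `must_…` predicate is a side effect callers will not expect from a boolean helper.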
diff --git a/modules/gallery/views/reauthenticate.html.php b/modules/gallery/views/reauthenticate.html.php new file mode 100644 index 00000000..8611d0f7 --- /dev/null +++ b/modules/gallery/views/reauthenticate.html.php @@ -0,0 +1,10 @@ + +
+

+ +

+

+ $user_name)) ?> +

+ +
\ No newline at end of file diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 1130852b..0730f391 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -164,11 +164,11 @@ class Users_Controller extends Controller { "users/change_password/$user->id", "", "post", array("id" => "g-change-password-user-form")); $group = $form->group("change_password")->label(t("Change your password")); $group->password("old_password")->label(t("Old password"))->id("g-password") - ->callback("auth::validate_too_many_failed_password_changes") + ->callback("auth::validate_too_many_failed_auth_attempts") ->callback("user::valid_password") ->error_messages("invalid", t("Incorrect password")) ->error_messages( - "too_many_failed_password_changes", + "too_many_failed_auth_attempts", t("Too many incorrect passwords. Try again later")); $group->password("password")->label(t("New password"))->id("g-password") ->error_messages("min_length", t("Your new password is too short")); @@ -189,11 +189,11 @@ class Users_Controller extends Controller { "users/change_email/$user->id", "", "post", array("id" => "g-change-email-user-form")); $group = $form->group("change_email")->label(t("Change your email address")); $group->password("password")->label(t("Current password"))->id("g-password") - ->callback("auth::validate_too_many_failed_password_changes") + ->callback("auth::validate_too_many_failed_auth_attempts") ->callback("user::valid_password") ->error_messages("invalid", t("Incorrect password")) ->error_messages( - "too_many_failed_password_changes", + "too_many_failed_auth_attempts", t("Too many incorrect passwords. Try again later")); $group->input("email")->label(t("New email address"))->id("g-email")->value($user->email) ->error_messages("email", t("You must enter a valid email address")) -- cgit v1.2.3 From 8fc346e9b67204c31e2bfeb59a5cbaa49e308085 Mon Sep 17 00:00:00 2001 
From: Andy Staudacher Date: Sun, 7 Feb 2010 16:44:07 -0800 Subject: Addendum for ticket 585: Handle case C), redirect the admin to a non-admin page when the admin area session expires, before the admin has a chance to send an XHR admin request, for which we wouldn't have a good answer. --- modules/gallery/helpers/gallery_theme.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/gallery_theme.php b/modules/gallery/helpers/gallery_theme.php index 0018fd9a..9ffeb911 100644 --- a/modules/gallery/helpers/gallery_theme.php +++ b/modules/gallery/helpers/gallery_theme.php @@ -90,6 +90,17 @@ class gallery_theme_Core { $profiler = new Profiler(); $profiler->render(); } + + // Redirect to the root album when the admin session expires. + $redirect_url = url::abs_site(""); + $admin_area_timeout = 1000 * module::get_var("gallery", "admin_area_timeout"); + $admin_session_redirect_check = ''; + print $admin_session_redirect_check; + if ($session->get("l10n_mode", false)) { return L10n_Client_Controller::l10n_form(); } -- cgit v1.2.3 From 9695041a86ffeb1bfc5ced654cb04a9833eb9288 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sun, 7 Feb 2010 16:56:19 -0800 Subject: Change welcome message dialog to link to the user_profile page instead of the change user dialog. a) the edit user form doesn't include the password anymore b) the new admin would probably also like to change the email, so directing him to the profile page with options to change the pw / email. Ideally, we'd have a special purpose edit profile page for the install experience, without prompting for the randomly generated password. But that's something for another task. --- modules/gallery/views/welcome_message.html.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/views/welcome_message.html.php b/modules/gallery/views/welcome_message.html.php index 24d01bab..caeeff66 100644 
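Review bot: `1000 * module::get_var("gallery", "admin_area_timeout")` has no default, so when the variable is unset the client-side delay becomes 0 and every admin page would redirect to the root album immediately; pass a default or skip emitting the script when the value is empty. The script body assigned to `$admin_session_redirect_check` is not visible in this rendering, so I cannot confirm how `$redirect_url` and the timeout are embedded; any value interpolated into inline JavaScript should go through `json_encode()` rather than string concatenation. The enclosing function starts outside the hunk; the server-side check in auth::must_reauth_for_admin_area() remains the authoritative control and this timer is only a UX aid.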
--- a/modules/gallery/views/welcome_message.html.php +++ b/modules/gallery/views/welcome_message.html.php @@ -15,15 +15,12 @@

- id}") ?>" + id}") ?>" title="for_html_attr() ?>" id="g-after-install-change-password-link" class="g-button ui-state-default ui-corners-all"> - + -

-- cgit v1.2.3 From 316b0583b374a5754ea112c00464d118917cdbc1 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sun, 7 Feb 2010 21:38:51 -0800 Subject: Revert "Refactor the admin maintenance screen so that events are used to populate the action buttons and other content such as the list of scheduled tasks." Leaving this api out of RC1. This reverts commit 19fee6b5e4ceb8a5f90cafe4ad770856ece108ef. Conflicts: modules/gallery/views/admin_maintenance.html.php --- modules/gallery/controllers/admin_maintenance.php | 11 ++--------- modules/gallery/views/admin_maintenance.html.php | 16 +++++++++------- 2 files changed, 11 insertions(+), 16 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index 8e4845a9..487e77a6 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -44,17 +44,10 @@ class Admin_Maintenance_Controller extends Admin_Controller { $view->content->task_definitions = task::get_definitions(); $view->content->running_tasks = ORM::factory("task") ->where("done", "=", 0)->order_by("updated", "DESC")->find_all(); + $view->content->schedule_definitions = + module::is_active("scheduler") ? scheduler::get_definitions() : ""; $view->content->finished_tasks = ORM::factory("task") ->where("done", "=", 1)->order_by("updated", "DESC")->find_all(); - $task_buttons = - new ArrayObject(array((object)array("text" => t("run"), - "url" =>url::site("admin/maintenance/start")))); - module::event("admin_maintenance_task_buttons", $task_buttons); - $view->content->task_buttons = $task_buttons; - - $maintenance_content = new ArrayObject(); - module::event("admin_maintenance_content", $maintenance_content); - $view->content->task_maintenance_content = $maintenance_content; print $view; } 
diff --git a/modules/gallery/views/admin_maintenance.html.php b/modules/gallery/views/admin_maintenance.html.php index 19375670..15d04caa 100644 --- a/modules/gallery/views/admin_maintenance.html.php +++ b/modules/gallery/views/admin_maintenance.html.php @@ -29,21 +29,23 @@ description ?> - - url}/$task->callback?csrf=$csrf" ?>" + callback?csrf=$csrf") ?>" class="g-dialog-link g-button ui-icon-left ui-state-default ui-corner-all"> - text) ?> + - + + callback?csrf=$csrf") ?>" + class="g-dialog-link g-button ui-icon-left ui-state-default ui-corner-all"> + + + - - - + count()): ?>

-- cgit v1.2.3 From b8047db5393ddbe27d6ee391845802054b92bf79 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sun, 7 Feb 2010 21:40:34 -0800 Subject: Revert "Add the scheduler component to the admin maintenance screen." This reverts commit 48cb5021c6bd7e65a13a0ff50a9e76f72da7d3a1. --- modules/gallery/controllers/admin_maintenance.php | 2 -- modules/gallery/views/admin_maintenance.html.php | 8 -------- 2 files changed, 10 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index 487e77a6..d90fe0ea 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -44,8 +44,6 @@ class Admin_Maintenance_Controller extends Admin_Controller { $view->content->task_definitions = task::get_definitions(); $view->content->running_tasks = ORM::factory("task") ->where("done", "=", 0)->order_by("updated", "DESC")->find_all(); - $view->content->schedule_definitions = - module::is_active("scheduler") ? scheduler::get_definitions() : ""; $view->content->finished_tasks = ORM::factory("task") ->where("done", "=", 1)->order_by("updated", "DESC")->find_all(); print $view; diff --git a/modules/gallery/views/admin_maintenance.html.php b/modules/gallery/views/admin_maintenance.html.php index 15d04caa..ac597715 100644 --- a/modules/gallery/views/admin_maintenance.html.php +++ b/modules/gallery/views/admin_maintenance.html.php @@ -33,20 +33,12 @@ class="g-dialog-link g-button ui-icon-left ui-state-default ui-corner-all"> - - callback?csrf=$csrf") ?>" - class="g-dialog-link g-button ui-icon-left ui-state-default ui-corner-all"> - - -
- - count()): ?>

-- cgit v1.2.3 From d0f6839c25c328c1bc0baff87974a8b268933361 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Mon, 8 Feb 2010 00:05:17 -0800 Subject: Fix Arabic language name. Thanks shaibn for reporting the issue. Verified with CLDR data. --- modules/gallery/helpers/locales.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index 4af750a3..883d2f9a 100644 --- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php @@ -64,7 +64,7 @@ class locales_Core { // @todo Might want to add a localizable language name as well. private static function _init_language_data() { $l["af_ZA"] = "Afrikaans"; // Afrikaans - $l["ar_SA"] = "العربي"; // Arabic + $l["ar_SA"] = "العربية"; // Arabic $l["be_BY"] = "Беларускі"; // Belarusian $l["bg_BG"] = "български"; // Bulgarian $l["ca_ES"] = "Catalan"; // Catalan -- cgit v1.2.3 From f9d00aa7429599f46e09b23e8313932ac5e186c3 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Mon, 8 Feb 2010 00:30:36 -0800 Subject: Fix for ticket 1008: Redirect to destination after re-auth. --- modules/gallery/controllers/admin.php | 12 +++++++++++- modules/gallery/controllers/reauthenticate.php | 3 ++- 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index b5f3db39..5467e88a 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -30,7 +30,7 @@ class Admin_Controller extends Controller { public function __call($controller_name, $args) { if (auth::must_reauth_for_admin_area()) { - return url::redirect("reauthenticate"); + return self::_prompt_for_reauth($controller_name, $args); } if (request::method() == "post") { 
@@ -53,5 +53,15 @@ class Admin_Controller extends Controller { call_user_func_array(array(new $controller_name, $method), $args); } + + private static function _prompt_for_reauth($controller_name, $args) { + if (request::method() == "get" && !request::is_ajax()) { + $url_args = array("admin", $controller_name) + $args; + $continue_url = join("/", $url_args); + // Avoid anti-phishing protection by passing the url as session variable. + Session::instance()->set("continue_url", $continue_url); + } + url::redirect("reauthenticate"); + } } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index 4b88a9cc..dbd1cd21 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -37,7 +37,8 @@ class Reauthenticate_Controller extends Controller { if ($valid) { message::success(t("Successfully re-authenticated!")); module::event("user_auth", $user); - url::redirect("admin"); + $continue_url = Session::instance()->get_once("continue_url", "admin"); + url::redirect($continue_url); } else { $name = $user->name; log::warning("user", t("Failed re-authentication for %name", array("name" => $name))); -- cgit v1.2.3 From f9377bcbd37886f09cfcf72a89f73629825e63dc Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Mon, 8 Feb 2010 13:05:18 -0800 Subject: Suppress errors when checking for readability of /proc/loadavg. Often this file will be protected by openbasedir, and is_readable will trigger an open basedir warning. --- modules/gallery/helpers/gallery_block.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/gallery_block.php b/modules/gallery/helpers/gallery_block.php index be0f11b8..46742743 100644 --- a/modules/gallery/helpers/gallery_block.php +++ b/modules/gallery/helpers/gallery_block.php 
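Review bot: `array("admin", $controller_name) + $args` is array union, not concatenation: `$args` is a list whose keys 0 and 1 are already taken by the left operand, so the first two routed arguments are silently dropped from the continue URL. Use `$url_args = array_merge(array("admin", $controller_name), $args);`. Keeping the target in the session rather than in a query parameter does avoid a user-controlled redirect target, which is what the "anti-phishing" comment refers to; a later commit on this page replaces this block with `url::current(true)`.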
@@ -70,7 +70,7 @@ class gallery_block_Core { $block->css_id = "g-platform"; $block->title = t("Platform information"); $block->content = new View("admin_block_platform.html"); - if (is_readable("/proc/loadavg")) { + if (@is_readable("/proc/loadavg")) { $block->content->load_average = join(" ", array_slice(explode(" ", current(file("/proc/loadavg"))), 0, 3)); } else { -- cgit v1.2.3 From 6dfab72922bf20104d6032eb292d59c6bd6578ba Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 8 Feb 2010 15:37:11 -0800 Subject: Override Input::clean_input_keys() to sanitize malicious values out of strings instead of dying. This at least gives us graceful degradation. Fixes ticket #764, patch thanks to djnz. --- modules/gallery/libraries/MY_Input.php | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 modules/gallery/libraries/MY_Input.php (limited to 'modules/gallery') diff --git a/modules/gallery/libraries/MY_Input.php b/modules/gallery/libraries/MY_Input.php new file mode 100644 index 00000000..dce569fd --- /dev/null +++ b/modules/gallery/libraries/MY_Input.php @@ -0,0 +1,31 @@ + Date: Mon, 8 Feb 2010 22:15:38 -0800 Subject: Change admin area timeout from 20 to 90 minutes --- modules/gallery/helpers/gallery_installer.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index ed4a62a5..dd53cf43 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -287,7 +287,7 @@ class gallery_installer { // @todo this string needs to be picked up by l10n_scanner module::set_var("gallery", "credits", "Powered by Gallery %version"); module::set_var("gallery", "simultaneous_upload_limit", 5); - module::set_var("gallery", "admin_area_timeout", 20 * 60); + module::set_var("gallery", "admin_area_timeout", 90 * 60); module::set_version("gallery", 28); } 
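Review bot: The new 90-minute default is changed only in gallery_installer.php; installer/install.sql earlier on this page still inserts `admin_area_timeout` as `'1200'`, so fresh installs that load the SQL dump get a 20-minute timeout while code-path installs and upgrades get 90. Update that INSERT to `'5400'` in the same commit, or derive both from one place; the diffstat lists only one file changed.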
@@ -534,8 +534,8 @@ class gallery_installer { } if ($version == 27) { - // Set the admin area timeout to 20 minutes - module::set_var("gallery", "admin_area_timeout", 20 * 60); + // Set the admin area timeout to 90 minutes + module::set_var("gallery", "admin_area_timeout", 90 * 60); module::set_version("gallery", $version = 28); } } -- cgit v1.2.3 From e1c08776468c2e2c5c5cb0926b78e24e29989f3c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 9 Feb 2010 08:53:27 -0800 Subject: Add unit tests for item::move() in preparation for renaming when there are conflicts (see ticket #957) --- modules/gallery/tests/Item_Helper_Test.php | 47 ++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) (limited to 'modules/gallery') diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index cdbdd324..d6817ef9 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php 
@@ -42,4 +42,51 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal("foo", item::convert_filename_to_slug("{[foo]}")); $this->assert_equal("foo-bar", item::convert_filename_to_slug("{[foo!@#!$@#^$@($!(@bar]}")); } + + public function move_test() { + identity::set_active_user(identity::admin_user()); + $photo = test::random_photo(item::root()); + $dst_album = test::random_album(); + + item::move($photo, $dst_album); + $this->assert_same($dst_album->id, $photo->parent_id); + } + + + public function move_updates_album_covers_test() { + identity::set_active_user(identity::admin_user()); + + // 2 photos in the source album + $src_album = test::random_album(); + $photo1 = test::random_photo($src_album); + $photo2 = test::random_photo($src_album); + $src_album->reload(); + + // destination album + $dst_album = test::random_album(); + + item::move($photo1, $dst_album); + + // Refresh cached copies + $src_album->reload(); + $dst_album->reload(); + + // photo 2 becomes the album cover for the source album and photo 1 + // becomes the album cover for the destination + $this->assert_same($photo1->id, $dst_album->album_cover_item_id); + $this->assert_same($photo2->id, $src_album->album_cover_item_id); + } + + public function move_leaves_empty_album_with_no_album_cover_test() { + identity::set_active_user(identity::admin_user()); + + $src_album = test::random_album(); + $photo = test::random_photo($src_album); + + item::move($photo, item::root()); + + $src_album->reload(); + $this->assert_false($src_album->album_cover_item_id); + } + } -- cgit v1.2.3 From 86721ce280f02dbf4127c83bb03372e09e616519 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 9 Feb 2010 15:21:40 -0800 Subject: Whitespace. --- modules/gallery/helpers/locales.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index 883d2f9a..e72d7ed9 100644 
--- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php @@ -131,7 +131,7 @@ class locales_Core { } static function is_rtl($locale=null) { - return Gallery_I18n::instance()->is_rtl($locale); + return Gallery_I18n::instance()->is_rtl($locale); } /** -- cgit v1.2.3 From 8a8d8b4bc4425bddb4661df3bf081d131f369171 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 9 Feb 2010 15:49:43 -0800 Subject: Rename item name and slug if necessary to avoid a conflict when we move photos. Fixes ticket #957. --- modules/gallery/helpers/item.php | 51 +++++++++++++++++++++++++++++- modules/gallery/tests/Item_Helper_Test.php | 28 +++++++++++++--- 2 files changed, 73 insertions(+), 6 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 41d49ce9..36193071 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php 
@@ -40,7 +40,56 @@ class item_Core { } $source->parent_id = $target->id; - $source->save(); + + // Moving may result in name or slug conflicts. If that happens, try up to 5 times to pick a + // random name (or slug) to avoid the conflict. + $orig_name = $source->name; + $orig_name_filename = pathinfo($source->name, PATHINFO_FILENAME); + $orig_name_extension = pathinfo($source->name, PATHINFO_EXTENSION); + $orig_slug = $source->slug; + for ($i = 0; $i < 5; $i++) { + try { + $source->save(); + if ($orig_name != $source->name) { + switch ($source->type) { + case "album": + message::info( + t("Album %old_name renamed to %new_name to avoid a conflict", + array("old_name" => $orig_name, "new_name" => $source->name))); + break; + + case "photo": + message::info( + t("Photo %old_name renamed to %new_name to avoid a conflict", + array("old_name" => $orig_name, "new_name" => $source->name))); + break; + + case "movie": + message::info( + t("Movie %old_name renamed to %new_name to avoid a conflict", + array("old_name" => $orig_name, "new_name" => $source->name))); + break; + } + } + break; + } catch (ORM_Validation_Exception $e) { + $rand = rand(10, 99); + $errors = $e->validation->errors(); + if (isset($errors["name"])) { + $source->name = $orig_name_filename . "-{$rand}." . $orig_name_extension; + unset($errors["name"]); + } + if (isset($errors["slug"])) { + $source->slug = $orig_slug . "-{$rand}"; + unset($errors["slug"]); + } + + if ($errors) { + // There were other validation issues-- we don't know how to handle those + throw $e; + } + } + } // If the target has no cover item, make this it. if ($target->album_cover_item_id == null) { diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index d6817ef9..50587702 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php 
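Review bot: When all five attempts fail on a name or slug conflict the loop simply ends and execution continues into the album-cover update below with `$source` still unsaved, so the caller gets no error for a move that did not happen. Track success, e.g. set `$saved = true;` before the `break` and add `if (empty($saved)) { throw $e; }` after the loop. Also `$orig_name_filename . "-{$rand}." . $orig_name_extension` always appends a dot, so an album (the "album" case exists in the switch, and album names normally carry no extension) is renamed to `name-42.`; only append the dot when `$orig_name_extension` is non-empty. The three switch branches differ only in the type word; that may be deliberate for translators, but a comment saying so would stop the next reader from folding them. The enclosing move() starts and ends outside the hunk.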
@@ -19,6 +19,10 @@ */ class Item_Helper_Test extends Gallery_Unit_Test_Case { + public function setup() { + identity::set_active_user(identity::admin_user()); + } + public function viewable_test() { $album = test::random_album(); $item = test::random_photo($album); @@ -44,7 +48,6 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { } public function move_test() { - identity::set_active_user(identity::admin_user()); $photo = test::random_photo(item::root()); $dst_album = test::random_album(); @@ -54,8 +57,6 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { public function move_updates_album_covers_test() { - identity::set_active_user(identity::admin_user()); - // 2 photos in the source album $src_album = test::random_album(); $photo1 = test::random_photo($src_album); @@ -78,8 +79,6 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { } public function move_leaves_empty_album_with_no_album_cover_test() { - identity::set_active_user(identity::admin_user()); - $src_album = test::random_album(); $photo = test::random_photo($src_album); @@ -89,4 +88,23 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_false($src_album->album_cover_item_id); } + public function move_conflicts_result_in_a_rename_test() { + $rand = rand(); + $photo1 = test::random_photo_unsaved(item::root()); + $photo1->name = "{$rand}.jpg"; + $photo1->slug = (string)$rand; + $photo1->save(); + + $src_album = test::random_album(); + $photo2 = test::random_photo_unsaved($src_album); + $photo2->name = "{$rand}.jpg"; + $photo2->slug = (string)$rand; + $photo2->save(); + + item::move($photo2, item::root()); + + $this->assert_same(item::root()->id, $photo2->parent_id); + $this->assert_not_same("{$rand}.jpg", $photo2->name); + $this->assert_not_same($rand, $photo2->slug); + } } -- cgit v1.2.3 From 92c2dd61ffa2140ec484ede0b75bb10b35229e63 Mon Sep 17 00:00:00 2001 
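Review bot: `$this->assert_not_same($rand, $photo2->slug)` compares an int with a string, so it passes whether or not the slug was renamed (assuming assert_not_same is a strict comparison, as its name suggests); the value stored was `(string)$rand`. Compare like with like: `$this->assert_not_same((string)$rand, $photo2->slug);`. The name assertion on the line above is fine since both sides are strings.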
From: Chad Kieffer Date: Tue, 9 Feb 2010 21:57:04 -0700 Subject: Formated upgrader for RTL languages. Closes ticket #883 --- modules/gallery/css/upgrader.css | 39 ++++++++++++++++++++++++++++----- modules/gallery/views/upgrader.html.php | 4 ++-- 2 files changed, 36 insertions(+), 7 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/css/upgrader.css b/modules/gallery/css/upgrader.css index 73da0ff4..2b3b5afd 100644 --- a/modules/gallery/css/upgrader.css +++ b/modules/gallery/css/upgrader.css @@ -26,6 +26,12 @@ div#footer { margin: 1em; } +table { + width: 600px; + margin-bottom: 10px; +} + +th.name, td.name { text-align: left; padding-left: 30px; @@ -53,11 +59,6 @@ tr.upgradeable td.gallery { color: #00d; } -table { - width: 600px; - margin-bottom: 10px; -} - p { font-size: .9em; } @@ -125,3 +126,31 @@ pre { margin: 0px; padding: 0px; } + +.rtl { + direction: rtl; +} + +.rtl th.name, +.rtl td.name { + text-align: right; + padding-right: 30px; +} + + +.rtl li:before { + content: ""; +} + +.rtl li:after { + content: "\00BB \0020"; +} + +.rtl ul { + margin-right: 0; + padding-right: 0; +} + +.rtl div#dialog a.close { + float: left; +} diff --git a/modules/gallery/views/upgrader.html.php b/modules/gallery/views/upgrader.html.php index 4490557c..55731440 100644 --- a/modules/gallery/views/upgrader.html.php +++ b/modules/gallery/views/upgrader.html.php @@ -6,7 +6,7 @@ media="screen,print,projection" /> - + >
" />
@@ -59,7 +59,7 @@

"> - + -- cgit v1.2.3 From f6c615c379bb6950dacff34bfda73a616dce6e6b Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 10 Feb 2010 08:32:30 -0800 Subject: Use the helper ulr:current instead of manually creating the continue url. --- modules/gallery/controllers/admin.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 5467e88a..7706e9fc 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -56,10 +56,8 @@ class Admin_Controller extends Controller { private static function _prompt_for_reauth($controller_name, $args) { if (request::method() == "get" && !request::is_ajax()) { - $url_args = array("admin", $controller_name) + $args; - $continue_url = join("/", $url_args); // Avoid anti-phishing protection by passing the url as session variable. - Session::instance()->set("continue_url", $continue_url); + Session::instance()->set("continue_url", url::current(true)); } url::redirect("reauthenticate"); } -- cgit v1.2.3 From 17f0a1b10f3df250129188316c14b01f0e3b45f0 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 10 Feb 2010 08:45:14 -0800 Subject: If the user does not have permission to view the album, photo or movie, redirect to a logon page to allow the user to login. Pass the target url as a session variable to allow the user to be redirected where they want to go if the login was successful. Fixes ticket #1009. --- modules/gallery/controllers/albums.php | 21 ++++++++++----------- modules/gallery/controllers/login.php | 3 ++- modules/gallery/controllers/movies.php | 11 ++++++++++- modules/gallery/controllers/photos.php | 10 +++++++++- 4 files changed, 31 insertions(+), 14 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index a378f3ee..1d369b95 100644 --- a/modules/gallery/controllers/albums.php 
+++ b/modules/gallery/controllers/albums.php
@@ -28,20 +28,19 @@ class Albums_Controller extends Items_Controller {
       // sure that we're actually receiving an object
       Kohana::show_404();
     }
-    $page_size = module::get_var("gallery", "page_size", 9);
+
     if (!access::can("view", $album)) {
-      if ($album->id == 1) {
-        $view = new Theme_View("page.html", "other", "login");
-        $view->page_title = t("Log in to Gallery");
-        $view->content = new View("login_ajax.html");
-        $view->content->form = auth::get_login_form("login/auth_html");
-        print $view;
-        return;
-      } else {
-        access::forbidden();
-      }
+      $view = new Theme_View("page.html", "other", "login");
+      $view->page_title = t("Log in to Gallery");
+      $view->content = new View("login_ajax.html");
+      $view->content->form = auth::get_login_form("login/auth_html");
+      // Avoid anti-phishing protection by passing the url as session variable.
+      Session::instance()->set("continue_url", url::current(true));
+      print $view;
+      return;
     }
 
+    $page_size = module::get_var("gallery", "page_size", 9);
     $input = Input::instance();
     $show = $input->get("show");
 
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php
index 5a08b693..093c15da 100644
--- a/modules/gallery/controllers/login.php
+++ b/modules/gallery/controllers/login.php
@@ -44,9 +44,10 @@ class Login_Controller extends Controller {
   public function auth_html() {
     access::verify_csrf();
 
+    $continue_url = Session::instance()->get("continue_url", null);
     list ($valid, $form) = $this->_auth("login/auth_html");
     if ($valid) {
-      url::redirect(item::root()->abs_url());
+      url::redirect($continue_url ? $continue_url : item::root()->abs_url());
     } else {
       $view = new Theme_View("page.html", "other", "login");
       $view->page_title = t("Log in to Gallery");
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index b51282b3..9e882ef4 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
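Review bot: The new `if (!access::can("view", $album))` branch in albums.php answers every denied view with the login form, including a user who is already logged in; before this change only the root album did that and every other album went through `access::forbidden()`. An authenticated user without permission now receives a 200 login page instead of a denial, which is confusing for the user and hides the refusal from anything that watches for forbidden responses. Keeping the forbidden path for non-guests, roughly `if (!identity::active_user()->guest) { access::forbidden(); }` before the view is built (assuming that is the guest flag used elsewhere in the module), would preserve the old behaviour; the enclosing method starts before the hunk. The same applies to the movies.php and photos.php hunks of this commit, which replace `access::required(...)` with the same pattern.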
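Review bot: In Login_Controller::auth_html the new `Session::instance()->get("continue_url", null)` reads the key but never clears it, so the value stays in the session after the redirect; a later login started from the plain login page would be sent to whatever url was stored earlier rather than the gallery root. Remove the key once it has been consumed, for example by deleting it from the session right after the read (or using a get-and-delete accessor if the Session library provides one). The same key is written by the admin.php hunk above, so it is subject to the same staleness.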
@@ -24,7 +24,16 @@ class Movies_Controller extends Items_Controller {
       // sure that we're actually receiving an object
       Kohana::show_404();
     }
-    access::required("view", $movie);
+
+    if (!access::can("view", $movie)) {
+      $view = new Theme_View("page.html", "other", "login");
+      $view->page_title = t("Log in to Gallery");
+      $view->content = new View("login_ajax.html");
+      $view->content->form = auth::get_login_form("login/auth_html");
+
+      print $view;
+      return;
+    }
 
     $where = array(array("type", "!=", "album"));
     $position = $movie->parent()->get_position($movie, $where);
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index b5da3884..8beae207 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -24,7 +24,15 @@ class Photos_Controller extends Items_Controller {
       // sure that we're actually receiving an object
       Kohana::show_404();
     }
-    access::required("view", $photo);
+
+    if (!access::can("view", $photo)) {
+      $view = new Theme_View("page.html", "other", "login");
+      $view->page_title = t("Log in to Gallery");
+      $view->content = new View("login_ajax.html");
+      $view->content->form = auth::get_login_form("login/auth_html");
+      print $view;
+      return;
+    }
 
     $where = array(array("type", "!=", "album"));
     $position = $photo->parent()->get_position($photo, $where);
-- cgit v1.2.3
From 8ef08d20883d9b9aa0b7560ce3bf6da8a6632149 Mon Sep 17 00:00:00 2001
From: Tim Almdal
Date: Wed, 10 Feb 2010 08:53:39 -0800
Subject: Refactor the code to display the login page if the user does not have view permission into the common auth::require_login() method.
---
 modules/gallery/controllers/albums.php | 8 +-------
 modules/gallery/controllers/movies.php | 7 +------
 modules/gallery/controllers/photos.php | 6 +-----
 modules/gallery/helpers/auth.php | 13 +++++++++++++
 4 files changed, 16 insertions(+), 18 deletions(-)
(limited to 'modules/gallery')
diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php
index 1d369b95..e1985cfb 100644
--- a/modules/gallery/controllers/albums.php
+++ b/modules/gallery/controllers/albums.php
@@ -30,13 +30,7 @@ class Albums_Controller extends Items_Controller {
     }
 
     if (!access::can("view", $album)) {
-      $view = new Theme_View("page.html", "other", "login");
-      $view->page_title = t("Log in to Gallery");
-      $view->content = new View("login_ajax.html");
-      $view->content->form = auth::get_login_form("login/auth_html");
-      // Avoid anti-phishing protection by passing the url as session variable.
-      Session::instance()->set("continue_url", url::current(true));
-      print $view;
+      print auth::require_login();
       return;
     }
 
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 9e882ef4..8041066e 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -26,12 +26,7 @@ class Movies_Controller extends Items_Controller {
     }
 
     if (!access::can("view", $movie)) {
-      $view = new Theme_View("page.html", "other", "login");
-      $view->page_title = t("Log in to Gallery");
-      $view->content = new View("login_ajax.html");
-      $view->content->form = auth::get_login_form("login/auth_html");
-
-      print $view;
+      print auth::require_login();
       return;
     }
 
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index 8beae207..778e9ae7 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -26,11 +26,7 @@ class Photos_Controller extends Items_Controller {
     }
 
     if (!access::can("view", $photo)) {
-      $view = new Theme_View("page.html", "other", "login");
-      $view->page_title = t("Log in to Gallery");
-      $view->content = new View("login_ajax.html");
-      $view->content->form = auth::get_login_form("login/auth_html");
-      print $view;
+      print auth::require_login();
       return;
     }
 
diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php
index c3e9e6e9..f5454f85 100644
--- a/modules/gallery/helpers/auth.php
+++ b/modules/gallery/helpers/auth.php
@@ -130,4 +130,17 @@ class auth_Core {
     $session->set("admin_area_activity_timestamp", time());
     return false;
   }
+
+  /**
+   * Redirect to the login page.
+   */
+  static function require_login() {
+    $view = new Theme_View("page.html", "other", "login");
+    $view->page_title = t("Log in to Gallery");
+    $view->content = new View("login_ajax.html");
+    $view->content->form = auth::get_login_form("login/auth_html");
+    // Avoid anti-phishing protection by passing the url as session variable.
+    Session::instance()->set("continue_url", url::current(true));
+    return $view;
+  }
 }
\ No newline at end of file
-- cgit v1.2.3
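Review bot: The docblock on the new `require_login()` says "Redirect to the login page", but the method performs no redirect: it builds a Theme_View, stores the current url in the session and returns the view, and each caller in this commit has to `print` it and then `return`. A docblock that matches, e.g. `Build the login page view and remember the current url in the session so a successful login can continue there. The caller must print the returned view and stop.`, would prevent the next caller from assuming the method halts the request. Unlike Admin_Controller::_prompt_for_reauth in the earlier admin.php hunk, the session write here is not guarded by `request::method() == "get" && !request::is_ajax()`, so a denied POST or AJAX request leaves its url as the post-login redirect target; wrapping the `Session::instance()->set("continue_url", url::current(true));` line in that same condition keeps the two paths consistent.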