From 7cc37451f4b7f7fe833fd5d355dab0f2a904d35e Mon Sep 17 00:00:00 2001
From: Jan Koprowski <johny@falcon.(none)>
Date: Sat, 12 Sep 2009 20:36:02 +0200
Subject: Forbid from add symbolink link in admin server add.  Read ticket #744
 for more details.

---
 modules/server_add/controllers/admin_server_add.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'modules/server_add/controllers')

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index fac2aa44..af9c5b22 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -34,15 +34,17 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $form = $this->_get_admin_form();
     $paths = unserialize(module::get_var("server_add", "authorized_paths", "a:0:{}"));
     if ($form->validate()) {
-      if (is_readable($form->add_path->path->value)) {
+      if (is_link($form->add_path->path->value)) {
+        $form->add_path->path->add_error("is_symlink", 1);
+      } else if (! is_readable($form->add_path->path->value)) {
+        $form->add_path->path->add_error("not_readable", 1);
+      } else {
         $path = $form->add_path->path->value;
         $paths[$path] = 1;
         module::set_var("server_add", "authorized_paths", serialize($paths));
         message::success(t("Added path %path", array("path" => $path)));
         server_add::check_config($paths);
         url::redirect("admin/server_add");
-      } else {
-        $form->add_path->path->add_error("not_readable", 1);
       }
     }
 
@@ -84,9 +86,10 @@ class Admin_Server_Add_Controller extends Admin_Controller {
                       array("id" => "gServerAddAdminForm"));
     $add_path = $form->group("add_path");
     $add_path->input("path")->label(t("Path"))->rules("required")
-      ->error_messages("not_readable", t("This directory is not readable by the webserver"));
+      ->error_messages("not_readable", t("This directory is not readable by the webserver"))
+      ->error_messages("is_symlink", t("Path can not be symbolic link"));
     $add_path->submit("add")->value(t("Add Path"));
 
     return $form;
   }
-}
\ No newline at end of file
+}
-- 
cgit v1.2.3


From c3f8b623766fe20768fb86c21e8455785b8e9928 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Tue, 15 Sep 2009 19:57:12 -0700
Subject: Adjust the text of the symlink error message.

---
 modules/server_add/controllers/admin_server_add.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/server_add/controllers')

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index af9c5b22..7cd82d60 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -87,7 +87,7 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $add_path = $form->group("add_path");
     $add_path->input("path")->label(t("Path"))->rules("required")
       ->error_messages("not_readable", t("This directory is not readable by the webserver"))
-      ->error_messages("is_symlink", t("Path can not be symbolic link"));
+      ->error_messages("is_symlink", t("Symbolic links are not allowed"));
     $add_path->submit("add")->value(t("Add Path"));
 
     return $form;
-- 
cgit v1.2.3


From a5af531fbee1db0c3a0ae0d23388245b2d2ec2de Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Thu, 17 Sep 2009 07:04:11 -0700
Subject: Don't show links as part of the auto complete list

---
 modules/server_add/controllers/admin_server_add.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules/server_add/controllers')

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index 7cd82d60..38190fee 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -36,7 +36,7 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     if ($form->validate()) {
       if (is_link($form->add_path->path->value)) {
         $form->add_path->path->add_error("is_symlink", 1);
-      } else if (! is_readable($form->add_path->path->value)) {
+      } else if (!is_readable($form->add_path->path->value)) {
         $form->add_path->path->add_error("not_readable", 1);
       } else {
         $path = $form->add_path->path->value;
@@ -73,7 +73,7 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $directories = array();
     $path_prefix = $this->input->get("q");
     foreach (glob("{$path_prefix}*") as $file) {
-      if (is_dir($file)) {
+      if (is_dir($file) && !is_link($file)) {
         $directories[] = $file;
       }
     }
-- 
cgit v1.2.3


From c7f8d8be6fe9e15b11ef781bdd6ed279fcb5f1a4 Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Thu, 17 Sep 2009 10:57:22 -0700
Subject: Don't try to creat an album that corresponds to the staging
 directory.  Just add the contents of the staging directlyinto the album that
 server_add was invoked from. Fixes ticket #785

---
 modules/server_add/controllers/server_add.php | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

(limited to 'modules/server_add/controllers')

diff --git a/modules/server_add/controllers/server_add.php b/modules/server_add/controllers/server_add.php
index 26b3bd08..9769cd6f 100644
--- a/modules/server_add/controllers/server_add.php
+++ b/modules/server_add/controllers/server_add.php
@@ -137,17 +137,25 @@ class Server_Add_Controller extends Admin_Controller {
       // form [path, parent_id] where the parent_id refers to another Server_Add_File_Model.  We
       // have this extra level of abstraction because we don't know its Item_Model id yet.
       $queue = $task->get("queue");
+      $paths = unserialize(module::get_var("server_add", "authorized_paths"));
+
       while ($queue && microtime(true) - $start < 0.5) {
         list($file, $parent_entry_id) = array_shift($queue);
-        $entry = ORM::factory("server_add_file");
-        $entry->task_id = $task->id;
-        $entry->file = $file;
-        $entry->parent_id = $parent_entry_id;
-        $entry->save();
+        // Ignore the staging directories as directories to be imported.
+        if (empty($paths[$file])) {
+          $entry = ORM::factory("server_add_file");
+          $entry->task_id = $task->id;
+          $entry->file = $file;
+          $entry->parent_id = $parent_entry_id;
+          $entry->save();
+          $entry_id = $entry->id;
+        } else {
+          $entry_id = null;
+        }
 
         foreach (glob("$file/*") as $child) {
           if (is_dir($child)) {
-            $queue[] = array($child, $entry->id);
+            $queue[] = array($child, $entry_id);
           } else {
             $ext = strtolower(pathinfo($child, PATHINFO_EXTENSION));
             if (in_array($ext, array("gif", "jpeg", "jpg", "png", "flv", "mp4")) &&
@@ -155,7 +163,7 @@ class Server_Add_Controller extends Admin_Controller {
               $child_entry = ORM::factory("server_add_file");
               $child_entry->task_id = $task->id;
               $child_entry->file = $child;
-              $child_entry->parent_id = $entry->id;
+              $child_entry->parent_id = $entry_id;
               $child_entry->save();
             }
           }
-- 
cgit v1.2.3