From 0fe44fe3809041edb64b69496bcee070578483d5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 6 Aug 2010 10:40:41 -0700 Subject: Use module::install and module::activate for the gallery module as well; I've verified that it generates the same installer files. --- modules/gallery/controllers/packager.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php index 835cb903..f463d0de 100644 --- a/modules/gallery/controllers/packager.php +++ b/modules/gallery/controllers/packager.php @@ -59,11 +59,7 @@ class Packager_Controller extends Controller { // numbers, keeping our install.sql file more stable. srand(0); - gallery_installer::install(true); - - module::load_modules(); - - foreach (array("user", "comment", "organize", "info", "rest", + foreach (array("gallery", "user", "comment", "organize", "info", "rest", "rss", "search", "slideshow", "tag") as $module_name) { module::install($module_name); module::activate($module_name); -- cgit v1.2.3 From 1b2da1ff70acba4177a7ebea825f802f24801a0c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 6 Aug 2010 10:41:38 -0700 Subject: Add a "weight" column to the module table. This allows us to specify module ordering, which is currently being done in the moduleorder contrib module. By default, the weight will be the same as the id of the row which means that new modules will get added at the end of the list. This is covered in the upgrade case as well. The one gotcha is that we need to make sure that we don't try to sort by the weight column if the gallery module version is < 32, which is something we haven't done before. Fixes ticket #1272. --- installer/install.sql | 30 ++++++++++++++------------- modules/gallery/helpers/gallery_installer.php | 13 ++++++++++-- modules/gallery/helpers/module.php | 20 +++++++++++++++++- modules/gallery/module.info | 2 +- 4 files changed, 47 insertions(+), 18 deletions(-) (limited to 'modules') diff --git a/installer/install.sql b/installer/install.sql index 8836f53f..18cf607a 100644 --- a/installer/install.sql +++ b/installer/install.sql @@ -236,20 +236,22 @@ CREATE TABLE {modules} ( `active` tinyint(1) DEFAULT '0', `name` varchar(64) DEFAULT NULL, `version` int(9) DEFAULT NULL, + `weight` int(9) DEFAULT NULL, PRIMARY KEY (`id`), - UNIQUE KEY `name` (`name`) + UNIQUE KEY `name` (`name`), + KEY `weight` (`weight`) ) AUTO_INCREMENT=11 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -INSERT INTO {modules} VALUES (1,1,'gallery',31); -INSERT INTO {modules} VALUES (2,1,'user',3); -INSERT INTO {modules} VALUES (3,1,'comment',3); -INSERT INTO {modules} VALUES (4,1,'organize',1); -INSERT INTO {modules} VALUES (5,1,'info',1); -INSERT INTO {modules} VALUES (6,1,'rest',3); -INSERT INTO {modules} VALUES (7,1,'rss',1); -INSERT INTO {modules} VALUES (8,1,'search',1); -INSERT INTO {modules} VALUES (9,1,'slideshow',2); -INSERT INTO {modules} VALUES (10,1,'tag',2); +INSERT INTO {modules} VALUES (1,1,'gallery',32,1); +INSERT INTO {modules} VALUES (2,1,'user',3,2); +INSERT INTO {modules} VALUES (3,1,'comment',3,3); +INSERT INTO {modules} VALUES (4,1,'organize',1,4); +INSERT INTO {modules} VALUES (5,1,'info',1,5); +INSERT INTO {modules} VALUES (6,1,'rest',3,6); +INSERT INTO {modules} VALUES (7,1,'rss',1,7); +INSERT INTO {modules} VALUES (8,1,'search',1,8); +INSERT INTO {modules} VALUES (9,1,'slideshow',2,9); +INSERT INTO {modules} VALUES (10,1,'tag',2,10); DROP TABLE IF EXISTS {outgoing_translations}; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; @@ -391,7 +393,7 @@ CREATE TABLE {vars} ( `value` text, PRIMARY KEY (`id`), UNIQUE KEY `module_name` (`module_name`,`name`) -) AUTO_INCREMENT=42 DEFAULT CHARSET=utf8; +) AUTO_INCREMENT=43 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; INSERT INTO {vars} VALUES (NULL,'gallery','active_site_theme','wind'); INSERT INTO {vars} VALUES (NULL,'gallery','active_admin_theme','admin_wind'); @@ -408,14 +410,14 @@ INSERT INTO {vars} VALUES (NULL,'gallery','simultaneous_upload_limit','5'); INSERT INTO {vars} VALUES (NULL,'gallery','admin_area_timeout','5400'); INSERT INTO {vars} VALUES (NULL,'gallery','maintenance_mode','0'); INSERT INTO {vars} VALUES (NULL,'gallery','blocks_dashboard_sidebar','a:4:{i:2;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"block_adder\";}i:3;a:2:{i:0;s:7:\"gallery\";i:1;s:5:\"stats\";}i:4;a:2:{i:0;s:7:\"gallery\";i:1;s:13:\"platform_info\";}i:5;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"project_news\";}}'); -INSERT INTO {vars} VALUES (NULL,'comment','access_permissions','everybody'); INSERT INTO {vars} VALUES (NULL,'gallery','date_time_format','Y-M-d H:i:s'); INSERT INTO {vars} VALUES (NULL,'gallery','date_format','Y-M-d'); INSERT INTO {vars} VALUES (NULL,'gallery','blocks_dashboard_center','a:3:{i:6;a:2:{i:0;s:7:\"gallery\";i:1;s:7:\"welcome\";}i:7;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"photo_stream\";}i:8;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"log_entries\";}}'); INSERT INTO {vars} VALUES (NULL,'gallery','choose_default_tookit','1'); +INSERT INTO {vars} VALUES (NULL,'comment','access_permissions','everybody'); +INSERT INTO {vars} VALUES (NULL,'gallery','blocks_site_sidebar','a:4:{i:9;a:2:{i:0;s:7:\"gallery\";i:1;s:8:\"language\";}i:10;a:2:{i:0;s:4:\"info\";i:1;s:8:\"metadata\";}i:11;a:2:{i:0;s:3:\"rss\";i:1;s:9:\"rss_feeds\";}i:12;a:2:{i:0;s:3:\"tag\";i:1;s:3:\"tag\";}}'); INSERT INTO {vars} VALUES (NULL,'gallery','identity_provider','user'); INSERT INTO {vars} VALUES (NULL,'comment','spam_caught','0'); INSERT INTO {vars} VALUES (NULL,'user','mininum_password_length','5'); INSERT INTO {vars} VALUES (NULL,'rest','allow_guest_access','0'); -INSERT INTO {vars} VALUES (NULL,'gallery','blocks_site_sidebar','a:3:{i:9;a:2:{i:0;s:4:\"info\";i:1;s:8:\"metadata\";}i:10;a:2:{i:0;s:3:\"rss\";i:1;s:9:\"rss_feeds\";}i:11;a:2:{i:0;s:3:\"tag\";i:1;s:3:\"tag\";}}'); INSERT INTO {vars} VALUES (NULL,'slideshow','max_scale','0'); diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index f5589618..8fc0cf96 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -144,8 +144,10 @@ class gallery_installer { `active` BOOLEAN default 0, `name` varchar(64) default NULL, `version` int(9) default NULL, + `weight` int(9) default NULL, PRIMARY KEY (`id`), - UNIQUE KEY(`name`)) + UNIQUE KEY(`name`), + KEY (`weight`)) DEFAULT CHARSET=utf8;"); $db->query("CREATE TABLE {outgoing_translations} ( @@ -296,7 +298,7 @@ class gallery_installer { module::set_var("gallery", "simultaneous_upload_limit", 5); module::set_var("gallery", "admin_area_timeout", 90 * 60); module::set_var("gallery", "maintenance_mode", 0); - module::set_version("gallery", 31); + module::set_version("gallery", 32); } static function upgrade($version) { @@ -561,6 +563,13 @@ class gallery_installer { module::set_var("gallery", "maintenance_mode", 0); module::set_version("gallery", $version = 31); } + + if ($version == 31) { + db::update("modules") + ->set("weight", "=", "id") + ->execute(); + module::set_version("gallery", $version = 32); + } } static function uninstall() { diff --git a/modules/gallery/helpers/module.php b/modules/gallery/helpers/module.php index 5134c7b3..ca6651f1 100644 --- a/modules/gallery/helpers/module.php +++ b/modules/gallery/helpers/module.php @@ -166,6 +166,16 @@ class module_Core { } else { module::set_version($module_name, 1); } + + // Set the weight of the new module, which controls the order in which the modules are + // loaded. By default, new modules are installed at the end of the priority list. Since the + // id field is monotonically increasing, the easiest way to guarantee that is to set the weight + // the same as the id. We don't know that until we save it for the first time + $module = ORM::factory("module")->where("name", "=", $module_name)->find(); + if ($module->loaded()) { + $module->weight = $module->id; + $module->save(); + } module::load_modules(); // Now the module is installed but inactive, so don't leave it in the active path @@ -314,7 +324,15 @@ class module_Core { self::$modules = array(); self::$active = array(); $kohana_modules = array(); - foreach (ORM::factory("module")->find_all() as $module) { + + // In version 32 we introduced a weight column so we can specify the module order + // If we try to use that blindly, we'll break earlier versions before they can even + // run the upgrader. + $modules = module::get_version("gallery") < 32 ? + ORM::factory("module")->find_all(): + ORM::factory("module")->order_by("weight")->find_all(); + + foreach ($modules as $module) { self::$modules[$module->name] = $module; if (!$module->active) { continue; diff --git a/modules/gallery/module.info b/modules/gallery/module.info index 7d28a7c1..59db07de 100644 --- a/modules/gallery/module.info +++ b/modules/gallery/module.info @@ -1,3 +1,3 @@ name = "Gallery 3" description = "Gallery core application" -version = 31 +version = 32 -- cgit v1.2.3 From 16ae65464cb33b16d77cb214bebb699158d548a7 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 7 Aug 2010 10:57:18 -0700 Subject: Oops. Fix the upgrader path to add the weight column to the modules table. --- modules/gallery/helpers/gallery_installer.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 8fc0cf96..7896a7a7 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -565,8 +565,10 @@ class gallery_installer { } if ($version == 31) { + $db->query("ALTER TABLE {modules} ADD COLUMN `weight` int(9) DEFAULT NULL"); + $db->query("ALTER TABLE {modules} ADD KEY (`weight`)"); db::update("modules") - ->set("weight", "=", "id") + ->set("weight", new Database_Expression("`id`")) ->execute(); module::set_version("gallery", $version = 32); } -- cgit v1.2.3 From 779d91cca01567a09b894e9fff4dfa32cb82d3d9 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 7 Aug 2010 12:18:43 -0700 Subject: Add an index for left_ptr, since we use that in ORM_MPTT::parents() which is on every album page. Bump Gallery module version to 33. --- modules/gallery/helpers/gallery_installer.php | 10 ++++++++-- modules/gallery/module.info | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 7896a7a7..21c47ad5 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -114,7 +114,8 @@ class gallery_installer { KEY `parent_id` (`parent_id`), KEY `type` (`type`), KEY `random` (`rand_key`), - KEY `weight` (`weight` DESC)) + KEY `weight` (`weight` DESC), + KEY `left_ptr` (`left_ptr`)) DEFAULT CHARSET=utf8;"); $db->query("CREATE TABLE {logs} ( @@ -298,7 +299,7 @@ class gallery_installer { module::set_var("gallery", "simultaneous_upload_limit", 5); module::set_var("gallery", "admin_area_timeout", 90 * 60); module::set_var("gallery", "maintenance_mode", 0); - module::set_version("gallery", 32); + module::set_version("gallery", 33); } static function upgrade($version) { @@ -572,6 +573,11 @@ class gallery_installer { ->execute(); module::set_version("gallery", $version = 32); } + + if ($version == 32) { + $db->query("ALTER TABLE {items} ADD KEY (`left_ptr`)"); + module::set_version("gallery", $version = 33); + } } static function uninstall() { diff --git a/modules/gallery/module.info b/modules/gallery/module.info index 59db07de..dbecda03 100644 --- a/modules/gallery/module.info +++ b/modules/gallery/module.info @@ -1,3 +1,3 @@ name = "Gallery 3" description = "Gallery core application" -version = 32 +version = 33 -- cgit v1.2.3 From c6ca77377f2c55316923c62e80b34802a45979c2 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 7 Aug 2010 18:02:39 -0700 Subject: Whitespace fix. --- modules/gallery/controllers/uploader.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/controllers/uploader.php b/modules/gallery/controllers/uploader.php index 87520032..85d344d6 100644 --- a/modules/gallery/controllers/uploader.php +++ b/modules/gallery/controllers/uploader.php @@ -50,7 +50,8 @@ class Uploader_Controller extends Controller { // Uploadify adds its own field to the form, so validate that separately. $file_validation = new Validation($_FILES); $file_validation->add_rules( - "Filedata", "upload::valid", "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4,m4v]"); + "Filedata", "upload::valid", "upload::required", + "upload::type[gif,jpg,jpeg,png,flv,mp4,m4v]"); if ($form->validate() && $file_validation->validate()) { $temp_filename = upload::save("Filedata"); -- cgit v1.2.3 From 1abf43d3f1efa9d0d51f4c7e8f6f946db2497a09 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 7 Aug 2010 22:06:57 -0700 Subject: Add a max_level to _sanitize_for_dump() so that we don't blow the stack. --- modules/gallery/libraries/MY_Kohana_Exception.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'modules') diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php index 72cb2ac0..27d1afc1 100644 --- a/modules/gallery/libraries/MY_Kohana_Exception.php +++ b/modules/gallery/libraries/MY_Kohana_Exception.php @@ -41,16 +41,21 @@ class Kohana_Exception extends Kohana_Exception_Core { * data, such as session ids and passwords / hashes. */ public static function safe_dump($value, $key, $length=128, $max_level=5) { - return parent::dump(self::_sanitize_for_dump($value, $key), $length, $max_level); + return parent::dump(self::_sanitize_for_dump($value, $key, $max_level), $length, $max_level); } /** * Elides sensitive data which shouldn't be echoed to the client, * such as passwords, and other secrets. */ - /* Visible for testing*/ static function _sanitize_for_dump($value, $key=null) { + /* Visible for testing*/ static function _sanitize_for_dump($value, $key=null, $max_level) { // Better elide too much than letting something through. // Note: unanchored match is intended. + if (!$max_level) { + // Too much recursion; give up. We gave it our best shot. + return $value; + } + $sensitive_info_pattern = '/(password|pass|email|hash|private_key|session_id|session|g3sid|csrf|secret)/i'; if (preg_match($sensitive_info_pattern, $key) || @@ -63,7 +68,7 @@ class Kohana_Exception extends Kohana_Exception_Core { } else if ($value instanceof User_Model) { return get_class($value) . ' object for "' . $value->name . '" - details omitted for display'; } - return self::_sanitize_for_dump((array) $value, $key); + return self::_sanitize_for_dump((array) $value, $key, $max_level - 1); } else if (is_array($value)) { $result = array(); foreach ($value as $k => $v) { @@ -78,7 +83,7 @@ class Kohana_Exception extends Kohana_Exception_Core { if (is_object($v)) { $key_for_display .= ' (type: ' . get_class($v) . ')'; } - $result[$key_for_display] = self::_sanitize_for_dump($v, $actual_key); + $result[$key_for_display] = self::_sanitize_for_dump($v, $actual_key, $max_level - 1); } } else { $result = $value; -- cgit v1.2.3 From dfb095a26267f8b68b40add03dfe407966c49b92 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 7 Aug 2010 22:18:28 -0700 Subject: Add the ability to replace the source data file in Item_Model::save(). Refactor the rotate code in Quick_Controller to replace the data file, and then have gallery_event::item_updated_data_file() pick up after the change is saved, rebuild the image and handle album covers. This is much more portable than before and it will allow any mechanism (eg: REST) to replace the source image. --- modules/gallery/controllers/quick.php | 22 ++------- modules/gallery/helpers/gallery_event.php | 14 ++++++ modules/gallery/helpers/movie.php | 44 +++++++++++------- modules/gallery/helpers/photo.php | 12 +++++ modules/gallery/models/item.php | 74 ++++++++++++++++++++----------- modules/gallery/tests/Item_Model_Test.php | 31 +++++++++++++ 6 files changed, 137 insertions(+), 60 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index fee601d9..c34209da 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -36,25 +36,11 @@ class Quick_Controller extends Controller { } if ($degrees) { - gallery_graphics::rotate($item->file_path(), $item->file_path(), - array("degrees" => $degrees)); - - list($item->width, $item->height) = getimagesize($item->file_path()); - $item->resize_dirty= 1; - $item->thumb_dirty= 1; + $tmpfile = tempnam(TMPPATH, "rotate"); + gallery_graphics::rotate($item->file_path(), $tmpfile, array("degrees" => $degrees)); + $item->set_data_file($tmpfile); $item->save(); - - graphics::generate($item); - - // @todo: this is an inadequate way to regenerate album cover thumbnails after rotation. - foreach (ORM::factory("item") - ->where("album_cover_item_id", "=", $item->id) - ->find_all() as $target) { - copy($item->thumb_path(), $target->thumb_path()); - $target->thumb_width = $item->thumb_width; - $target->thumb_height = $item->thumb_height; - $target->save(); - } + unlink($tmpfile); } if (Input::instance()->get("page_type") == "collection") { diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index e3fa5e08..e048118b 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -124,6 +124,20 @@ class gallery_event_Core { } } + static function item_updated_data_file($item) { + graphics::generate($item); + + // Update any places where this is the album cover + foreach (ORM::factory("item") + ->where("album_cover_item_id", "=", $item->id) + ->find_all() as $target) { + copy($item->thumb_path(), $target->thumb_path()); + $target->thumb_width = $item->thumb_width; + $target->thumb_height = $item->thumb_height; + $target->save(); + } + } + static function batch_complete() { // Set the album covers for any items that where we probably deleted the album cover during // this batch. The item may have been deleted, so don't count on it being around. Choose the diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php index bbb5b66c..4ff29a7b 100644 --- a/modules/gallery/helpers/movie.php +++ b/modules/gallery/helpers/movie.php @@ -57,23 +57,6 @@ class movie_Core { return $form; } - - static function getmoviesize($filename) { - $ffmpeg = self::find_ffmpeg(); - if (empty($ffmpeg)) { - throw new Exception("@todo MISSING_FFMPEG"); - } - - $cmd = escapeshellcmd($ffmpeg) . " -i " . escapeshellarg($filename) . " 2>&1"; - $result = `$cmd`; - if (preg_match("/Stream.*?Video:.*?(\d+)x(\d+)/", $result, $regs)) { - list ($width, $height) = array($regs[1], $regs[2]); - } else { - list ($width, $height) = array(0, 0); - } - return array($width, $height); - } - static function extract_frame($input_file, $output_file) { $ffmpeg = self::find_ffmpeg(); if (empty($ffmpeg)) { @@ -114,4 +97,31 @@ class movie_Core { } return $ffmpeg_path; } + + + /** + * Return the width, height, mime_type and extension of the given movie file. + */ + static function get_file_metadata($file_path) { + $ffmpeg = self::find_ffmpeg(); + if (empty($ffmpeg)) { + throw new Exception("@todo MISSING_FFMPEG"); + } + + $cmd = escapeshellcmd($ffmpeg) . " -i " . escapeshellarg($file_path) . " 2>&1"; + $result = `$cmd`; + if (preg_match("/Stream.*?Video:.*?(\d+)x(\d+)/", $result, $regs)) { + list ($width, $height) = array($regs[1], $regs[2]); + } else { + list ($width, $height) = array(0, 0); + } + + $pi = pathinfo($file_path); + $extension = isset($pi["extension"]) ? $pi["extension"] : "flv"; // No extension? Assume FLV. + $mime_type = in_array(strtolower($extension), array("mp4", "m4v")) ? + "video/mp4" : "video/x-flv"; + + return array($width, $height, $mime_type, $extension); + } + } diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index 73cd60c0..a38b4fb2 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -77,4 +77,16 @@ class photo_Core { } return sprintf($format, $new_width, $new_height); } + + /** + * Return the width, height, mime_type and extension of the given image file. + */ + static function get_file_metadata($file_path) { + $image_info = getimagesize($file_path); + $width = $image_info[0]; + $height = $image_info[1]; + $mime_type = $image_info["mime"]; + $extension = image_type_to_extension($image_info[2], false); + return array($width, $height, $mime_type, $extension); + } } diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index c00b7972..5257bbb9 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -316,7 +316,7 @@ class Item_Model extends ORM_MPTT { unset($significant_changes["relative_url_cache"]); unset($significant_changes["relative_path_cache"]); - if (!empty($this->changed) && $significant_changes) { + if ((!empty($this->changed) && $significant_changes) || isset($this->data_file)) { $this->updated = time(); if (!$this->loaded()) { // Create a new item. @@ -341,30 +341,19 @@ class Item_Model extends ORM_MPTT { } // Get the width, height and mime type from our data file for photos and movies. - if ($this->is_movie() || $this->is_photo()) { - $pi = pathinfo($this->data_file); - + if ($this->is_photo() || $this->is_movie()) { if ($this->is_photo()) { - $image_info = getimagesize($this->data_file); - $this->width = $image_info[0]; - $this->height = $image_info[1]; - $this->mime_type = $image_info["mime"]; - - // Force an extension onto the name if necessary - if (empty($pi["extension"])) { - $pi["extension"] = image_type_to_extension($image_info[2], false); - $this->name .= "." . $pi["extension"]; - } - } else { - list ($this->width, $this->height) = movie::getmoviesize($this->data_file); - - // No extension? Assume FLV. - if (empty($pi["extension"])) { - $pi["extension"] = "flv"; - $this->name .= "." . $pi["extension"]; - } + list ($this->width, $this->height, $this->mime_type, $extension) = + photo::get_file_metadata($this->data_file); + } else if ($this->is_movie()) { + list ($this->width, $this->height, $this->mime_type, $extension) = + movie::get_file_metadata($this->data_file); + } - $this->mime_type = in_array(strtolower($pi["extension"]), array("mp4", "m4v")) ? "video/mp4" : "video/x-flv"; + // Force an extension onto the name if necessary + $pi = pathinfo($this->data_file); + if (empty($pi["extension"])) { + $this->name = "{$this->name}.$extension"; } } @@ -479,7 +468,30 @@ class Item_Model extends ORM_MPTT { ->execute(); } + // Replace the data file, if requested. + // @todo: we don't handle the case where you swap in a file of a different mime type + // should we prevent that in validation? or in set_data_file() + if ($this->data_file && ($this->is_photo() || $this->is_movie())) { + copy($this->data_file, $this->file_path()); + + // Get the width, height and mime type from our data file for photos and movies. + if ($this->is_photo()) { + list ($this->width, $this->height) = photo::get_file_metadata($this->file_path()); + } else if ($this->is_movie()) { + list ($this->width, $this->height) = movie::get_file_metadata($this->file_path()); + } + $this->thumb_dirty = 1; + $this->resize_dirty = 1; + } + module::event("item_updated", $original, $this); + + if ($this->data_file) { + // Null out the data file variable here, otherwise this event will trigger another + // save() which will think that we're doing another file move. + $this->data_file = null; + module::event("item_updated_data_file", $this); + } } } else if (!empty($this->changed)) { // Insignificant changes only. Don't fire events or do any special checking to try to keep @@ -765,8 +777,9 @@ class Item_Model extends ORM_MPTT { $this->rules["slug"] = array(); } - // Movies and photos must have data files - if (($this->is_photo() || $this->is_movie()) && !$this->loaded()) { + // Movies and photos must have data files. Verify the data file on new items, or if it has + // been replaced. + if (($this->is_photo() || $this->is_movie()) && $this->data_file) { $this->rules["name"]["callbacks"][] = array($this, "valid_data_file"); } } @@ -842,6 +855,17 @@ class Item_Model extends ORM_MPTT { } else if (filesize($this->data_file) == 0) { $v->add_error("name", "empty_data_file"); } + + if ($this->loaded()) { + if ($this->is_photo()) { + list ($a, $b, $mime_type) = photo::get_file_metadata($this->data_file); + } else if ($this->is_movie()) { + list ($a, $b, $mime_type) = movie::get_file_metadata($this->data_file); + } + if ($mime_type != $this->mime_type) { + $v->add_error("name", "cant_change_mime_type"); + } + } } /** diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index 907cfe24..bd123098 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -384,4 +384,35 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_same($photo->id, $album->album_cover_item_id); } + + public function replace_data_file_test() { + // Random photo is modules/gallery/tests/test.jpg which is 1024x768 and 6232 bytes. + $photo = test::random_photo(); + $this->assert_equal(1024, $photo->width); + $this->assert_equal(768, $photo->height); + $this->assert_equal(6232, filesize($photo->file_path())); + + // Random photo is gallery/images/imagemagick.jpg is 114x118 and 20337 bytes + $photo->set_data_file(MODPATH . "gallery/images/imagemagick.jpg"); + $photo->save(); + + $this->assert_equal(114, $photo->width); + $this->assert_equal(118, $photo->height); + $this->assert_equal(20337, filesize($photo->file_path())); + } + + public function replacement_data_file_must_be_same_mime_type_test() { + // Random photo is modules/gallery/tests/test.jpg + $photo = test::random_photo(); + $photo->set_data_file(MODPATH . "gallery/images/graphicsmagick.png"); + + try { + $photo->save(); + } catch (ORM_Validation_Exception $e) { + $this->assert_same(array("name" => "cant_change_mime_type"), $e->validation->errors()); + return; // pass + } + $this->assert_true(false, "Shouldn't get here"); + + } } -- cgit v1.2.3 From 20fd9872965a65121c4497fb166eda15b1a9f360 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 7 Aug 2010 22:33:01 -0700 Subject: A new REST resource that allows access to view and modify the actual contents of the file, which enables REST viewers to see the actual data which is useful when the files are privileged. Currently it returns the contents of the file in JSON encoded form, which may not be the best. Multipart/mime might be much better. Fixes ticket #1224. --- modules/gallery/helpers/data_rest.php | 84 +++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 modules/gallery/helpers/data_rest.php (limited to 'modules') diff --git a/modules/gallery/helpers/data_rest.php b/modules/gallery/helpers/data_rest.php new file mode 100644 index 00000000..ca5acb4a --- /dev/null +++ b/modules/gallery/helpers/data_rest.php @@ -0,0 +1,84 @@ +url); + access::required("view", $item); + + $p = $request->params; + switch (isset($p->size) ? $p->size : "full") { + case "thumb": + $entity = array( + "width" => $item->thumb_width, + "height" => $item->thumb_height, + "path" => $item->thumb_path()); + break; + + case "resize": + $entity = array( + "width" => $item->resize_width, + "height" => $item->resize_height, + "path" => $item->resize_path()); + break; + + default: + case "full": + $entity = array( + "width" => $item->width, + "height" => $item->height, + "path" => $item->file_path()); + break; + } + + $entity["size"] = filesize($entity["path"]); + $entity["contents"] = file_get_contents($entity["path"]); + unset($entity["path"]); + + $result = array( + "url" => $request->url, + "entity" => $entity, + "relationships" => rest::relationships("data", $item)); + return $result; + } + + static function put($request) { + $item = rest::resolve($request->url); + access::required("edit", $item); + + if ($item->is_album()) { + throw new Rest_Exception("Bad Request", 400, array("errors" => array("type" => "invalid"))); + } + + $item->set_data_file($request->file); + $item->save(); + } + + static function resolve($id) { + $item = ORM::factory("item", $id); + if (!access::can("view", $item)) { + throw new Kohana_404_Exception(); + } + return $item; + } + + static function url($item) { + return url::abs_site("rest/data/{$item->id}"); + } +} -- cgit v1.2.3 From 7f61f9754e3bcf7cd9c85d65414e1ee7945fdca5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 00:30:55 -0700 Subject: Change file modes to 644. --- modules/gallery/images/missing_movie.png | Bin 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 modules/gallery/images/missing_movie.png (limited to 'modules') diff --git a/modules/gallery/images/missing_movie.png b/modules/gallery/images/missing_movie.png old mode 100755 new mode 100644 -- cgit v1.2.3 From 4e95ec843a2bef45e044e2aa3a36fcb590d85464 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 01:12:43 -0700 Subject: Allow item_rest::put() to replace the current data file. Remove data_rest::put() altogether; it's no longer necessary. --- modules/gallery/helpers/data_rest.php | 12 ------------ modules/gallery/helpers/item_rest.php | 6 ++++++ 2 files changed, 6 insertions(+), 12 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/data_rest.php b/modules/gallery/helpers/data_rest.php index ca5acb4a..e45a4645 100644 --- a/modules/gallery/helpers/data_rest.php +++ b/modules/gallery/helpers/data_rest.php @@ -58,18 +58,6 @@ class data_rest_Core { return $result; } - static function put($request) { - $item = rest::resolve($request->url); - access::required("edit", $item); - - if ($item->is_album()) { - throw new Rest_Exception("Bad Request", 400, array("errors" => array("type" => "invalid"))); - } - - $item->set_data_file($request->file); - $item->save(); - } - static function resolve($id) { $item = ORM::factory("item", $id); if (!access::can("view", $item)) { diff --git a/modules/gallery/helpers/item_rest.php b/modules/gallery/helpers/item_rest.php index 6869181d..10f9e16a 100644 --- a/modules/gallery/helpers/item_rest.php +++ b/modules/gallery/helpers/item_rest.php @@ -126,6 +126,12 @@ class item_rest_Core { } } } + + // Replace the data file, if required + if (($item->is_photo() || $item->is_movie()) && isset($request->file)) { + $item->set_data_file($request->file); + } + $item->save(); if (isset($request->params->members) && $item->sort_column == "weight") { -- cgit v1.2.3 From 0d2237979a2cc92d707a47115e492bff57fa9c5d Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 01:48:09 -0700 Subject: Make the error page more informative, and include platform information. --- modules/gallery/views/error_admin.html.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'modules') diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php index 40eb7374..5afaa0fe 100644 --- a/modules/gallery/views/error_admin.html.php +++ b/modules/gallery/views/error_admin.html.php @@ -102,6 +102,10 @@ .number { padding-right: 1em; } + + #g-platform h2 { + font-size: 1.1em; + } <?= t("Something went wrong!") ?> @@ -144,6 +148,17 @@

+

+ There's an error message below and you can find more details + in gallery3/var/logs (look for the file with the most recent + date on it). Stuck? Stop by the Gallery 3 + Forums and ask for help. You can also look at our list + of open + tickets to see if the problem you're seeing has been + reported. If you post a request, here's some useful + information to include: +

-- cgit v1.2.3 From cc43c37a1c71c54d03979489ee7f1d5884a648af Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 02:06:50 -0700 Subject: Add a sad face on the dang page. Just cause. --- modules/gallery/views/error_admin.html.php | 32 +++++++++++++++++++------ modules/gallery/views/error_user.html.php | 38 ++++++++++++++++++++++-------- 2 files changed, 53 insertions(+), 17 deletions(-) (limited to 'modules') diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php index 5afaa0fe..512a0d88 100644 --- a/modules/gallery/views/error_admin.html.php +++ b/modules/gallery/views/error_admin.html.php @@ -20,8 +20,21 @@ margin: 20px auto; } - div#framework_error { + #framework_error { + height: 6em; + } + + #framework_error .crashlogo { + position: relative; + top: .3em; + font-size: 6.0em; + } + + #framework_error .title { + position: relative; + top: -3em; text-align: center; + margin: 0 auto; } div#error_details { @@ -137,12 +150,17 @@
-

- -

-

- -

+ +
+

+ +

+

+ +

+

diff --git a/modules/gallery/views/error_user.html.php b/modules/gallery/views/error_user.html.php index 74c6a8fb..b64cfb53 100644 --- a/modules/gallery/views/error_user.html.php +++ b/modules/gallery/views/error_user.html.php @@ -19,8 +19,21 @@ margin: 20px auto; } - div#framework_error { + #framework_error { + height: 8em; + } + + #framework_error .crashlogo { + position: relative; + top: .3em; + font-size: 6em; + } + + #framework_error .title { + position: relative; + top: -3em; text-align: center; + margin: 0 auto; } @@ -28,15 +41,20 @@
-

- -

-

- -

-

- -

+ +
+

+ +

+

+ +

+

+ +

+
-- cgit v1.2.3 From b7700d1eec02caa794629adcc0555d7c9f0c1414 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 09:57:13 -0700 Subject: Require the size parameter. Optional params are confusing. And be robust in the face of a missing data file (movies and albums lack resize, albums lack full size, some albums don't have a thumb if they have no contents, etc) --- modules/gallery/helpers/data_rest.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/data_rest.php b/modules/gallery/helpers/data_rest.php index e45a4645..48de2a3a 100644 --- a/modules/gallery/helpers/data_rest.php +++ b/modules/gallery/helpers/data_rest.php @@ -23,7 +23,11 @@ class data_rest_Core { access::required("view", $item); $p = $request->params; - switch (isset($p->size) ? $p->size : "full") { + if (!isset($p->size) || !in_array($p->size, array("thumb", "resize", "full"))) { + throw new Rest_Exception("Bad Request", 400, array("errors" => array("size" => "invalid"))); + } + + switch ($p->size) { case "thumb": $entity = array( "width" => $item->thumb_width, @@ -38,7 +42,6 @@ class data_rest_Core { "path" => $item->resize_path()); break; - default: case "full": $entity = array( "width" => $item->width, @@ -47,8 +50,13 @@ class data_rest_Core { break; } - $entity["size"] = filesize($entity["path"]); - $entity["contents"] = file_get_contents($entity["path"]); + if (file_exists($entity["path"]) && is_file($entity["path"])) { + $entity["size"] = filesize($entity["path"]); + $entity["contents"] = file_get_contents($entity["path"]); + } else { + $entity["size"] = null; + $entity["contents"] = null; + } unset($entity["path"]); $result = array( -- cgit v1.2.3 From a22cf8cf1c1f3eccedb01ab4629e579c95594dae Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 10:14:29 -0700 Subject: Handle "1" as a default order direction in G2. Why would we ever do that? Dunno. Fixes ticket #1276. --- modules/g2_import/helpers/g2_import.php | 1 + 1 file changed, 1 insertion(+) (limited to 'modules') diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 4aa9e642..4817ec04 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -442,6 +442,7 @@ class g2_import_Core { "title" => "title", "viewCount" => "view_count"); $direction_map = array( + 1 => "asc", ORDER_ASCENDING => "asc", ORDER_DESCENDING => "desc"); // Only consider G2's first sort order -- cgit v1.2.3 From ded9ed4df809d28ba2f4519a398e06daf335ee81 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 11:35:36 -0700 Subject: Create a registry of REST resources and call it "registry".. Pretty simple, actually. Fixes ticket #1173. --- modules/rest/helpers/registry_rest.php | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 modules/rest/helpers/registry_rest.php (limited to 'modules') diff --git a/modules/rest/helpers/registry_rest.php b/modules/rest/helpers/registry_rest.php new file mode 100644 index 00000000..e9c8b955 --- /dev/null +++ b/modules/rest/helpers/registry_rest.php @@ -0,0 +1,30 @@ +name}/helpers/*_rest.php") as $filename) { + $results[] = str_replace("_rest.php", "", basename($filename)); + } + } + return array_unique($results); + } +} -- cgit v1.2.3 From 3c7dc6d7a63e59c841f60d9594575efcf0969f98 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 12:46:26 -0700 Subject: Handle 404 exceptions specially to reduce spam in the log files. Fixes ticket #1228. --- modules/gallery/libraries/MY_Kohana_Exception.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'modules') diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php index 27d1afc1..82899d7e 100644 --- a/modules/gallery/libraries/MY_Kohana_Exception.php +++ b/modules/gallery/libraries/MY_Kohana_Exception.php @@ -22,11 +22,15 @@ class Kohana_Exception extends Kohana_Exception_Core { * Dump out the full stack trace as part of the text representation of the exception. */ public static function text($e) { - return sprintf( - "%s [ %s ]: %s\n%s [ %s ]\n%s", - get_class($e), $e->getCode(), strip_tags($e->getMessage()), - $e->getFile(), $e->getLine(), - $e->getTraceAsString()); + if ($e instanceof Kohana_404_Exception) { + return "File not found: " . Router::$complete_uri; + } else { + return sprintf( + "%s [ %s ]: %s\n%s [ %s ]\n%s", + get_class($e), $e->getCode(), strip_tags($e->getMessage()), + $e->getFile(), $e->getLine(), + $e->getTraceAsString()); + } } /** -- cgit v1.2.3 From 371a2ff7d29f50dde5ff23ca45188d0eac365481 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 13:39:27 -0700 Subject: Adjust the vertical placement of the "Dang" message. --- modules/gallery/views/error_admin.html.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php index 512a0d88..28776e60 100644 --- a/modules/gallery/views/error_admin.html.php +++ b/modules/gallery/views/error_admin.html.php @@ -32,9 +32,9 @@ #framework_error .title { position: relative; - top: -3em; + top: -2.5em; + padding: 0px; text-align: center; - margin: 0 auto; } div#error_details { -- cgit v1.2.3 From de4d858dc27b356776a6665fd9eeed82cffe9c2e Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 14:56:28 -0700 Subject: Add in the missing 'error' count. --- modules/gallery_unit_test/views/kohana_unit_test_cli.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/gallery_unit_test/views/kohana_unit_test_cli.php b/modules/gallery_unit_test/views/kohana_unit_test_cli.php index a0de0f52..61dae7dd 100644 --- a/modules/gallery_unit_test/views/kohana_unit_test_cli.php +++ b/modules/gallery_unit_test/views/kohana_unit_test_cli.php @@ -71,7 +71,7 @@ foreach ($results as $class => $methods) { } echo "+", str_repeat("=", 87), "+", str_repeat("=", 10), "+\n"; - printf("| %-40.40s %-13.13s %-13.13s %-13.13s %-13.13s |\n", + printf("| %-40.40s %-10.10s %-10.10s %-10.10s %-10.10s %-10.10s |\n", $class, "Score: {$stats[$class]['score']}", "Total: {$stats[$class]['total']}", @@ -81,7 +81,7 @@ foreach ($results as $class => $methods) { echo "+", str_repeat("=", 98), "+\n\n\n"; } -printf(" %-40.40s %-13.13s %-13.13s %-13.13s %-13.13s\n", +printf(" %-40.40s %-10.10s %-10.10s %-10.10s %-10.10s %-10.10s\n", "TOTAL", "Score: " . ($totals["total"] ? 100 * ($totals["passed"] / $totals["total"]) : 0), "Total: {$totals['total']}", -- cgit v1.2.3 From ab2e2d2d7786f834b26b0330dd2b6f682f23bd96 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:00:23 -0700 Subject: Add the $max_level param to all calls to _sanitize_for_dump() --- modules/gallery/tests/Kohana_Exception_Test.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'modules') diff --git a/modules/gallery/tests/Kohana_Exception_Test.php b/modules/gallery/tests/Kohana_Exception_Test.php index 48bc5184..df7cf9ff 100644 --- a/modules/gallery/tests/Kohana_Exception_Test.php +++ b/modules/gallery/tests/Kohana_Exception_Test.php @@ -37,22 +37,22 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { public function sanitize_for_dump_match_key_test() { $this->assert_equal("removed for display", - Kohana_Exception::_sanitize_for_dump("original value", "password")); + Kohana_Exception::_sanitize_for_dump("original value", "password", 5)); $this->assert_equal("original value", - Kohana_Exception::_sanitize_for_dump("original value", "meow")); + Kohana_Exception::_sanitize_for_dump("original value", "meow", 5)); } public function sanitize_for_dump_match_key_loosely_test() { $this->assert_equal("removed for display", - Kohana_Exception::_sanitize_for_dump("original value", "this secret key")); + Kohana_Exception::_sanitize_for_dump("original value", "this secret key", 5)); } public function sanitize_for_dump_match_value_test() { // Looks like a hash / secret value. $this->assert_equal("removed for display", - Kohana_Exception::_sanitize_for_dump("p$2a178b841c6391d6368f131", "meow")); + Kohana_Exception::_sanitize_for_dump("p$2a178b841c6391d6368f131", "meow", 5)); $this->assert_equal("original value", - Kohana_Exception::_sanitize_for_dump("original value", "meow")); + Kohana_Exception::_sanitize_for_dump("original value", "meow", 5)); } public function sanitize_for_dump_array_test() { @@ -64,7 +64,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { "three" => "removed for display"); $this->assert_equal($expected, - Kohana_Exception::_sanitize_for_dump($var, "ignored")); + Kohana_Exception::_sanitize_for_dump($var, "ignored", 5)); } public function sanitize_for_dump_nested_array_test() { @@ -73,7 +73,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { $expected = array("safe" => "original value 1", "safe 2" => array("some hash" => "removed for display")); $this->assert_equal($expected, - Kohana_Exception::_sanitize_for_dump($var, "ignored")); + Kohana_Exception::_sanitize_for_dump($var, "ignored", 5)); } public function sanitize_for_dump_user_test() { @@ -83,7 +83,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { $user->email = "value 2"; $user->full_name = "value 3"; $this->assert_equal('User_Model object for "john" - details omitted for display', - Kohana_Exception::_sanitize_for_dump($user, "ignored")); + Kohana_Exception::_sanitize_for_dump($user, "ignored", 5)); } public function sanitize_for_dump_database_test() { @@ -91,7 +91,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { array("connection" => array("user" => "john", "name" => "gallery_3"), "cache" => array())); $this->assert_equal("Kohana_Exception_Test_Database object - details omitted for display", - Kohana_Exception::_sanitize_for_dump($db, "ignored")); + Kohana_Exception::_sanitize_for_dump($db, "ignored", 5)); } public function sanitize_for_dump_nested_database_test() { @@ -104,7 +104,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { array("some" => "foo", "bar (type: Kohana_Exception_Test_Database)" => "Kohana_Exception_Test_Database object - details omitted for display"), - Kohana_Exception::_sanitize_for_dump($var, "ignored")); + Kohana_Exception::_sanitize_for_dump($var, "ignored", 5)); } public function sanitize_for_dump_object_test() { @@ -117,7 +117,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { "private: email_address" => "removed for display", "password" => "removed for display"); $this->assert_equal($expected, - Kohana_Exception::_sanitize_for_dump($obj, "ignored")); + Kohana_Exception::_sanitize_for_dump($obj, "ignored", 5)); } public function sanitize_for_dump_nested_object_test() { @@ -142,7 +142,7 @@ class Kohana_Exception_Test extends Gallery_Unit_Test_Case { "foo" => array("bar (type: User_Model)" => 'User_Model object for "john" - details omitted for display')); $this->assert_equal($expected, - Kohana_Exception::_sanitize_for_dump($obj, "ignored")); + Kohana_Exception::_sanitize_for_dump($obj, "ignored", 5)); } } -- cgit v1.2.3 From 9b5e058dd3a7d0d08fa0fad954a1908b9949e934 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:01:38 -0700 Subject: We can always send back the header because Kohana buffers output. --- modules/gallery/helpers/json.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/json.php b/modules/gallery/helpers/json.php index a39db27a..a88608aa 100644 --- a/modules/gallery/helpers/json.php +++ b/modules/gallery/helpers/json.php @@ -25,9 +25,7 @@ class json_Core { * @param mixed $message string or object to json encode and print */ static function reply($message) { - if (!headers_sent()) { - header("Content-Type: application/json; charset=" . Kohana::CHARSET); - } + header("Content-Type: application/json; charset=" . Kohana::CHARSET); print json_encode($message); } } \ No newline at end of file -- cgit v1.2.3 From d6f5a8a8d13892d6487f344c5e5b1f5dd48893d5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:02:24 -0700 Subject: Add JSONP support. You must specify &output=jsonp?callback= Fixes ticket #1205. --- modules/rest/helpers/rest.php | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 644779da..73d09c64 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -24,7 +24,27 @@ class rest_Core { Session::instance()->abort_save(); header("X-Gallery-API-Version: " . rest::API_VERSION); - if (Input::instance()->get("output") == "html") { + switch (Input::instance()->get("output", "json")) { + case "json": + json::reply($data); + break; + + case "jsonp": + if (!($callback = Input::instance()->get("callback", ""))) { + throw new Rest_Exception( + "Bad Request", 400, array("errors" => array("callback" => "missing"))); + } + + if (preg_match('/^[$A-Za-z_][0-9A-Za-z_]*$/', $callback) == 1) { + header("Content-type: application/javascript"); + print "$callback(" . json_encode($data) . ")"; + } else { + throw new Rest_Exception( + "Bad Request", 400, array("errors" => array("callback" => "invalid"))); + } + break; + + case "html": header("Content-type: text/html"); if ($data) { $html = preg_replace( @@ -34,8 +54,10 @@ class rest_Core { $html = t("Empty response"); } print "
$html
"; - } else { - json::reply($data); + break; + + default: + throw new Rest_Exception("Bad Request", 400); } } -- cgit v1.2.3 From f5b7e207c8c6dc92f82b3607d57459e794b7990e Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:02:58 -0700 Subject: Verified. --- modules/gallery/tests/xss_data.txt | 123 ++++++++++++++++++------------------- 1 file changed, 61 insertions(+), 62 deletions(-) (limited to 'modules') diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 02483865..f135c522 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -77,23 +77,23 @@ modules/gallery/views/admin_languages.html.php 62 DIRTY form:: modules/gallery/views/admin_languages.html.php 63 DIRTY $display_name modules/gallery/views/admin_languages.html.php 65 DIRTY form::radio("default_locale",$code,($default_locale==$code),((isset($installed_locales[$code]))?'':'disabled="disabled"')) modules/gallery/views/admin_languages.html.php 113 DIRTY $share_translations_form -modules/gallery/views/admin_maintenance.html.php 24 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_maintenance.html.php 24 DIRTY_ATTR log::severity_class($task->severity) -modules/gallery/views/admin_maintenance.html.php 25 DIRTY_ATTR log::severity_class($task->severity) -modules/gallery/views/admin_maintenance.html.php 26 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 29 DIRTY $task->description -modules/gallery/views/admin_maintenance.html.php 70 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_maintenance.html.php 70 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" -modules/gallery/views/admin_maintenance.html.php 71 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" -modules/gallery/views/admin_maintenance.html.php 72 DIRTY gallery::date_time($task->updated) -modules/gallery/views/admin_maintenance.html.php 75 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 90 DIRTY $task->status -modules/gallery/views/admin_maintenance.html.php 141 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_maintenance.html.php 141 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" -modules/gallery/views/admin_maintenance.html.php 142 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" -modules/gallery/views/admin_maintenance.html.php 143 DIRTY gallery::date_time($task->updated) -modules/gallery/views/admin_maintenance.html.php 146 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 158 DIRTY $task->status +modules/gallery/views/admin_maintenance.html.php 40 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/gallery/views/admin_maintenance.html.php 40 DIRTY_ATTR log::severity_class($task->severity) +modules/gallery/views/admin_maintenance.html.php 41 DIRTY_ATTR log::severity_class($task->severity) +modules/gallery/views/admin_maintenance.html.php 42 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 45 DIRTY $task->description +modules/gallery/views/admin_maintenance.html.php 86 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/gallery/views/admin_maintenance.html.php 86 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" +modules/gallery/views/admin_maintenance.html.php 87 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" +modules/gallery/views/admin_maintenance.html.php 88 DIRTY gallery::date_time($task->updated) +modules/gallery/views/admin_maintenance.html.php 91 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 106 DIRTY $task->status +modules/gallery/views/admin_maintenance.html.php 157 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/gallery/views/admin_maintenance.html.php 157 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" +modules/gallery/views/admin_maintenance.html.php 158 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" +modules/gallery/views/admin_maintenance.html.php 159 DIRTY gallery::date_time($task->updated) +modules/gallery/views/admin_maintenance.html.php 162 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 174 DIRTY $task->status modules/gallery/views/admin_maintenance_show_log.html.php 8 DIRTY_JS url::site("admin/maintenance/save_log/$task->id?csrf=$csrf") modules/gallery/views/admin_maintenance_show_log.html.php 13 DIRTY $task->name modules/gallery/views/admin_maintenance_task.html.php 55 DIRTY $task->name @@ -122,50 +122,50 @@ modules/gallery/views/admin_themes.html.php 76 DIRTY $info- modules/gallery/views/admin_themes.html.php 78 DIRTY $info->description modules/gallery/views/admin_themes_preview.html.php 8 DIRTY_ATTR $url modules/gallery/views/error_404.html.php 14 DIRTY $login_form -modules/gallery/views/error_admin.html.php 150 DIRTY $type -modules/gallery/views/error_admin.html.php 150 DIRTY $code -modules/gallery/views/error_admin.html.php 153 DIRTY $message -modules/gallery/views/error_admin.html.php 156 DIRTY_ATTR $error_id -modules/gallery/views/error_admin.html.php 161 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 161 DIRTY $line -modules/gallery/views/error_admin.html.php 166 DIRTY_ATTR ($num==$line)?"highlight":"" -modules/gallery/views/error_admin.html.php 166 DIRTY $num -modules/gallery/views/error_admin.html.php 166 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) -modules/gallery/views/error_admin.html.php 178 DIRTY_ATTR $source_id -modules/gallery/views/error_admin.html.php 178 DIRTY_JS $source_id -modules/gallery/views/error_admin.html.php 178 DIRTY Kohana_Exception::debug_path($step["file"]) -modules/gallery/views/error_admin.html.php 178 DIRTY $step["line"] -modules/gallery/views/error_admin.html.php 180 DIRTY Kohana_Exception::debug_path($step["file"]) -modules/gallery/views/error_admin.html.php 180 DIRTY $step["line"] -modules/gallery/views/error_admin.html.php 187 DIRTY $step["function"] -modules/gallery/views/error_admin.html.php 188 DIRTY_ATTR $args_id -modules/gallery/views/error_admin.html.php 188 DIRTY_JS $args_id -modules/gallery/views/error_admin.html.php 192 DIRTY_ATTR $args_id -modules/gallery/views/error_admin.html.php 197 DIRTY $name -modules/gallery/views/error_admin.html.php 200 DIRTY Kohana_Exception::safe_dump($arg,$name) -modules/gallery/views/error_admin.html.php 208 DIRTY_ATTR $source_id -modules/gallery/views/error_admin.html.php 208 DIRTY_ATTR ($num==$step["line"])?"highlight":"" -modules/gallery/views/error_admin.html.php 208 DIRTY $num -modules/gallery/views/error_admin.html.php 208 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) -modules/gallery/views/error_admin.html.php 218 DIRTY_ATTR $env_id=$error_id."environment" -modules/gallery/views/error_admin.html.php 218 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 220 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 222 DIRTY_ATTR $env_id=$error_id."environment_included" -modules/gallery/views/error_admin.html.php 222 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 222 DIRTY count($included) -modules/gallery/views/error_admin.html.php 223 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 228 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 235 DIRTY_ATTR $env_id=$error_id."environment_loaded" -modules/gallery/views/error_admin.html.php 235 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 235 DIRTY count($included) -modules/gallery/views/error_admin.html.php 236 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 241 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 249 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) -modules/gallery/views/error_admin.html.php 250 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 250 DIRTY $var -modules/gallery/views/error_admin.html.php 251 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 257 DIRTY $key -modules/gallery/views/error_admin.html.php 261 DIRTY Kohana_Exception::safe_dump($value,$key) +modules/gallery/views/error_admin.html.php 183 DIRTY $type +modules/gallery/views/error_admin.html.php 183 DIRTY $code +modules/gallery/views/error_admin.html.php 186 DIRTY $message +modules/gallery/views/error_admin.html.php 189 DIRTY_ATTR $error_id +modules/gallery/views/error_admin.html.php 194 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 194 DIRTY $line +modules/gallery/views/error_admin.html.php 199 DIRTY_ATTR ($num==$line)?"highlight":"" +modules/gallery/views/error_admin.html.php 199 DIRTY $num +modules/gallery/views/error_admin.html.php 199 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 211 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 211 DIRTY_JS $source_id +modules/gallery/views/error_admin.html.php 211 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 211 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 213 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 213 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 220 DIRTY $step["function"] +modules/gallery/views/error_admin.html.php 221 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 221 DIRTY_JS $args_id +modules/gallery/views/error_admin.html.php 225 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 230 DIRTY $name +modules/gallery/views/error_admin.html.php 233 DIRTY Kohana_Exception::safe_dump($arg,$name) +modules/gallery/views/error_admin.html.php 241 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 241 DIRTY_ATTR ($num==$step["line"])?"highlight":"" +modules/gallery/views/error_admin.html.php 241 DIRTY $num +modules/gallery/views/error_admin.html.php 241 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 251 DIRTY_ATTR $env_id=$error_id."environment" +modules/gallery/views/error_admin.html.php 251 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 253 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 255 DIRTY_ATTR $env_id=$error_id."environment_included" +modules/gallery/views/error_admin.html.php 255 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 255 DIRTY count($included) +modules/gallery/views/error_admin.html.php 256 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 261 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 268 DIRTY_ATTR $env_id=$error_id."environment_loaded" +modules/gallery/views/error_admin.html.php 268 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 268 DIRTY count($included) +modules/gallery/views/error_admin.html.php 269 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 274 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 282 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) +modules/gallery/views/error_admin.html.php 283 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 283 DIRTY $var +modules/gallery/views/error_admin.html.php 284 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 290 DIRTY $key +modules/gallery/views/error_admin.html.php 294 DIRTY Kohana_Exception::safe_dump($value,$key) modules/gallery/views/form_uploadify.html.php 9 DIRTY_JS url::file("lib/uploadify/uploadify.swf") modules/gallery/views/form_uploadify.html.php 10 DIRTY_JS url::site("uploader/add_photo/{$album->id}") modules/gallery/views/form_uploadify.html.php 14 DIRTY_JS url::file("lib/uploadify/cancel.png") @@ -191,7 +191,6 @@ modules/gallery/views/l10n_client.html.php 62 DIRTY form:: modules/gallery/views/l10n_client.html.php 67 DIRTY form::textarea("l10n-edit-plural-translation-other","",' rows="2"') modules/gallery/views/login_ajax.html.php 6 DIRTY_JS url::site("password/reset") modules/gallery/views/login_ajax.html.php 44 DIRTY $form -modules/gallery/views/maintenance.html.php 46 DIRTY auth::get_login_form("login/auth_html") modules/gallery/views/menu.html.php 4 DIRTY $menu->css_id?"id='$menu->css_id'":"" modules/gallery/views/menu.html.php 4 DIRTY_ATTR $menu->css_class modules/gallery/views/menu.html.php 6 DIRTY $element->render() -- cgit v1.2.3 From e5a1da71ed0383155469e552e412b3504a1742e9 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:05:55 -0700 Subject: Convert tabs to spaces to fix File_Structure_Test. --- modules/comment/controllers/admin_manage_comments.php | 6 +++--- modules/comment/controllers/comments.php | 4 ++-- modules/user/controllers/users.php | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) (limited to 'modules') diff --git a/modules/comment/controllers/admin_manage_comments.php b/modules/comment/controllers/admin_manage_comments.php index e451791f..0ba3d6b0 100644 --- a/modules/comment/controllers/admin_manage_comments.php +++ b/modules/comment/controllers/admin_manage_comments.php @@ -35,9 +35,9 @@ class Admin_Manage_Comments_Controller extends Admin_Controller { public function menu_labels() { $menu = $this->_menu($this->_counts()); json::reply(array((string) $menu->get("unpublished")->label, - (string) $menu->get("published")->label, - (string) $menu->get("spam")->label, - (string) $menu->get("deleted")->label)); + (string) $menu->get("published")->label, + (string) $menu->get("spam")->label, + (string) $menu->get("deleted")->label)); } public function queue($state) { diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 6ec4132b..ff0e9ce1 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -57,8 +57,8 @@ class Comments_Controller extends Controller { $view->comment = $comment; json::reply(array("result" => "success", - "view" => (string)$view, - "form" => (string)comment::get_add_form($item))); + "view" => (string)$view, + "form" => (string)comment::get_add_form($item))); } else { $form = comment::prefill_add_form($form); json::reply(array("result" => "error", "form" => (string)$form)); diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 5e6239d8..73b83770 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -55,7 +55,7 @@ class Users_Controller extends Controller { module::event("user_edit_form_completed", $user, $form); message::success(t("User information updated")); json::reply(array("result" => "success", - "resource" => url::site("users/{$user->id}"))); + "resource" => url::site("users/{$user->id}"))); } else { json::reply(array("result" => "error", "html" => (string)$form)); } @@ -87,7 +87,7 @@ class Users_Controller extends Controller { module::event("user_auth", $user); module::event("user_password_change", $user); json::reply(array("result" => "success", - "resource" => url::site("users/{$user->id}"))); + "resource" => url::site("users/{$user->id}"))); } else { log::warning("user", t("Failed password change for %name", array("name" => $user->name))); $name = $user->name; @@ -121,7 +121,7 @@ class Users_Controller extends Controller { message::success(t("Email address changed")); module::event("user_auth", $user); json::reply(array("result" => "success", - "resource" => url::site("users/{$user->id}"))); + "resource" => url::site("users/{$user->id}"))); } else { log::warning("user", t("Failed email change for %name", array("name" => $user->name))); $name = $user->name; -- cgit v1.2.3 From 8da37d595cc81e3c340dd98fdb621b6955a3ad3f Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:25:21 -0700 Subject: Verified. --- modules/gallery/tests/controller_auth_data.txt | 1 - 1 file changed, 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index 3c9b3afc..0864a928 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt @@ -14,7 +14,6 @@ modules/gallery/controllers/login.php auth_ajax modules/gallery/controllers/login.php html DIRTY_AUTH modules/gallery/controllers/login.php auth_html DIRTY_AUTH modules/gallery/controllers/logout.php index DIRTY_AUTH -modules/gallery/controllers/maintenance.php index DIRTY_AUTH modules/gallery/controllers/quick.php form_edit DIRTY_CSRF modules/gallery/controllers/upgrader.php index DIRTY_AUTH modules/gallery/controllers/uploader.php start DIRTY_AUTH -- cgit v1.2.3 From cdb6306d7e75451587fbc029b94ef197f42842f1 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 16:50:02 -0700 Subject: Backdate the created/updated dates for imported comments. Fixes ticket #1215. --- modules/g2_import/helpers/g2_import.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 4817ec04..8db10dc1 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -859,7 +859,6 @@ class g2_import_Core { $comment->text = self::_transform_bbcode($text); $comment->state = "published"; $comment->server_http_host = $g2_comment->getHost(); - $comment->created = $g2_comment->getDate(); try { $comment->save(); } catch (Exception $e) { @@ -868,6 +867,14 @@ class g2_import_Core { array("id" => $g2_comment_id)), $e); } + + // Backdate the creation date. We can't do this at creation time because + // Comment_Model::save() will override it. + db::update("comments") + ->set("created", $g2_comment->getDate()) + ->set("updated", $g2_comment->getDate()) + ->where("id", "=", $comment->id) + ->execute(); } /** -- cgit v1.2.3 From 2dda8e22a7a32db8a5577aad0cff2b47ac0f9c63 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 16:54:31 -0700 Subject: Use the gallery helper date/time functions wherever we format date time for the browser. Fixes ticket #1278. --- modules/comment/views/comments.html.php | 6 +++--- modules/comment/views/user_profile_comments.html.php | 4 ++-- modules/gallery/helpers/gallery.php | 4 ++-- modules/gallery/tests/xss_data.txt | 2 +- modules/info/views/info_block.html.php | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) (limited to 'modules') diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php index da45f57b..b524f5da 100644 --- a/modules/comment/views/comments.html.php +++ b/modules/comment/views/comments.html.php @@ -36,11 +36,11 @@ author()->guest): ?> date("Y-M-d H:i:s", $comment->created), - "name" => html::clean($comment->author_name()))); ?> + array("date" => gallery::date_time($comment->created), + "name" => html::clean($comment->author_name()))); ?> %name said', - array("date" => date("Y-M-d H:i:s", $comment->created), + array("date" => gallery::date_time($comment->created), "url" => user_profile::url($comment->author_id), "name" => html::clean($comment->author_name()))); ?> diff --git a/modules/comment/views/user_profile_comments.html.php b/modules/comment/views/user_profile_comments.html.php index a2a641ba..377b2d95 100644 --- a/modules/comment/views/user_profile_comments.html.php +++ b/modules/comment/views/user_profile_comments.html.php @@ -4,8 +4,8 @@

  • - date("Y-M-d H:i:s", $comment->created), + gallery::date_time($comment->created), "title" => $comment->item()->title)); ?> item()->thumb_img(array(), 50) ?> diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php index 54d16322..3f83b23d 100644 --- a/modules/gallery/helpers/gallery.php +++ b/modules/gallery/helpers/gallery.php @@ -60,7 +60,7 @@ class gallery_Core { * @return string */ static function date_time($timestamp) { - return date(module::get_var("gallery", "date_time_format", "Y-M-d H:i:s"), $timestamp); + return date(module::get_var("gallery", "date_time_format"), $timestamp); } /** @@ -69,7 +69,7 @@ class gallery_Core { * @return string */ static function date($timestamp) { - return date(module::get_var("gallery", "date_format", "Y-M-d"), $timestamp); + return date(module::get_var("gallery", "date_format"), $timestamp); } /** diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index f135c522..ef92970b 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -267,7 +267,7 @@ modules/gallery/views/user_profile.html.php 34 DIRTY_ATTR $use modules/gallery/views/user_profile.html.php 43 DIRTY $info->view modules/image_block/views/image_block_block.html.php 3 DIRTY_JS $item->url() modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class"=>"g-thumbnail")) -modules/info/views/info_block.html.php 22 DIRTY date("M j, Y H:i:s",$item->captured) +modules/info/views/info_block.html.php 22 DIRTY gallery::date_time($item->captured) modules/info/views/info_block.html.php 29 DIRTY_JS $item->owner->url modules/notification/views/comment_published.html.php 28 DIRTY_JS $comment->item()->abs_url() modules/notification/views/comment_published.html.php 29 DIRTY $comment->item()->abs_url() diff --git a/modules/info/views/info_block.html.php b/modules/info/views/info_block.html.php index ac177ee7..ebe9bd28 100644 --- a/modules/info/views/info_block.html.php +++ b/modules/info/views/info_block.html.php @@ -19,7 +19,7 @@ captured): ?>

  • - captured)?> + captured)?>
    • owner): ?> -- cgit v1.2.3 From bd541342b9b56db00b8d24db1da43b9693e9849a Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 17:07:13 -0700 Subject: Add gallery stats in addition to platform stats. --- modules/gallery/views/error_admin.html.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php index 28776e60..f5004eae 100644 --- a/modules/gallery/views/error_admin.html.php +++ b/modules/gallery/views/error_admin.html.php @@ -116,7 +116,7 @@ padding-right: 1em; } - #g-platform h2 { + #g-platform h2, #g-stats h2 { font-size: 1.1em; } @@ -174,8 +174,9 @@ of open tickets to see if the problem you're seeing has been reported. If you post a request, here's some useful - information to include: + information to include: + +

    -- cgit v1.2.3 From e85b345edaded7d4a68ae758138bcff9d0ceaefb Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 17:10:00 -0700 Subject: Visually separate the G2 comment's subject and body when we blend them into the G3 comment body. Fixes ticket #1269. --- modules/g2_import/helpers/g2_import.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'modules') diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 8db10dc1..306a0c50 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -838,11 +838,7 @@ class g2_import_Core { return; } - $text = $g2_comment->getSubject(); - if ($text) { - $text .= " "; - } - $text .= $g2_comment->getComment(); + $text = join("\n", array($g2_comment->getSubject(), $g2_comment->getComment())); $text = html_entity_decode($text); // Just import the fields we know about. Do this outside of the comment API for now so that -- cgit v1.2.3 From c3ad4b5374435fdd93644066eeebd94ba5271e20 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 17:14:09 -0700 Subject: Whitespace fix --- modules/user/controllers/users.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 73b83770..6bb4967f 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -41,7 +41,7 @@ class Users_Controller extends Controller { // Translate ORM validation errors into form error messages foreach ($e->validation->errors() as $key => $error) { $form->edit_user->inputs[$key]->add_error($error, 1); - } + } $valid = false; } -- cgit v1.2.3 From 6a8c1f5e855b1c4d768524e6e542218c234df6d3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 17:19:51 -0700 Subject: whitespace fix. --- modules/gallery/helpers/identity.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/helpers/identity.php b/modules/gallery/helpers/identity.php index 5f1664ec..4febc4e2 100644 --- a/modules/gallery/helpers/identity.php +++ b/modules/gallery/helpers/identity.php @@ -66,7 +66,8 @@ class identity_Core { // The installer cannot set a user into the session, so it just sets an id which we should // upconvert into a user. - // @todo set the user name into the session instead of 2 and then use it to get the user object + // @todo set the user name into the session instead of 2 and then use it to get the + // user object if ($user === 2) { auth::login(IdentityProvider::instance()->admin_user()); } -- cgit v1.2.3 From acb1faaa594fc5067c4340e073afca3b83f819d4 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 17:25:31 -0700 Subject: Cache the group ids for a day to trade off performance for security updates. Fixes ticket #1227. --- modules/gallery/helpers/identity.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/helpers/identity.php b/modules/gallery/helpers/identity.php index 4febc4e2..5de05948 100644 --- a/modules/gallery/helpers/identity.php +++ b/modules/gallery/helpers/identity.php @@ -72,12 +72,14 @@ class identity_Core { auth::login(IdentityProvider::instance()->admin_user()); } - if (!$session->get("group_ids")) { + // Cache the group ids for a day to trade off performance for security updates. + if (!$session->get("group_ids") || $session->get("group_ids_timeout", 0) < time()) { $ids = array(); foreach ($user->groups() as $group) { $ids[] = $group->id; } $session->set("group_ids", $ids); + $session->set("group_ids_timeout", time() + 86400); } } catch (Exception $e) { // Log it, so we at least have so notification that we swallowed the exception. -- cgit v1.2.3 From 1ad1f9517f91875875f2e062bda7d834827c3430 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sun, 8 Aug 2010 17:29:22 -0700 Subject: Fix for ticket #1279. In admin themes sanitize the theme name before checking that theme.info exists. --- modules/gallery/controllers/admin_themes.php | 7 ++++--- modules/gallery/helpers/theme.php | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php index e59eadaf..a88e1e89 100644 --- a/modules/gallery/controllers/admin_themes.php +++ b/modules/gallery/controllers/admin_themes.php @@ -31,10 +31,11 @@ class Admin_Themes_Controller extends Admin_Controller { private function _get_themes() { $themes = array(); foreach (scandir(THEMEPATH) as $theme_name) { + if ($theme_name[0] == ".") { + continue; + } + $theme_name = preg_replace("/[^a-zA-Z0-9\._-]/", "", $theme_name); if (file_exists(THEMEPATH . "$theme_name/theme.info")) { - if ($theme_name[0] == ".") { - continue; - } $themes[$theme_name] = theme::get_info($theme_name); } diff --git a/modules/gallery/helpers/theme.php b/modules/gallery/helpers/theme.php index 3589a5b7..9df3eaf2 100644 --- a/modules/gallery/helpers/theme.php +++ b/modules/gallery/helpers/theme.php @@ -111,7 +111,7 @@ class theme_Core { } static function get_info($theme_name) { - $theme_name = preg_replace("/[^\w]/", "", $theme_name); + $theme_name = preg_replace("/[^a-zA-Z0-9\._-]/", "", $theme_name); $file = THEMEPATH . "$theme_name/theme.info"; $theme_info = new ArrayObject(parse_ini_file($file), ArrayObject::ARRAY_AS_PROPS); $theme_info->description = t($theme_info->description); -- cgit v1.2.3 From 639d31a2c1a54f31ad32208b8602a8922d336fa0 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 21:17:16 -0700 Subject: If the imported item from Gallery 2 has a preferred derivative with a rotation, then rotate the imported image accordingly. Fixes ticket #1274.. --- modules/g2_import/helpers/g2_import.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'modules') diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 306a0c50..f2e9dad9 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -588,6 +588,20 @@ class g2_import_Core { $item->description = self::_decode_html_special_chars(self::extract_description($g2_item)); $item->owner_id = self::map($g2_item->getOwnerId()); $item->save(); + + // If the item has a preferred derivative with a rotation, then rotate this image + // accordingly. Should we obey scale rules as well? I vote no because rotation is less + // destructive -- you lose too much data from scaling. + $g2_preferred = g2(GalleryCoreApi::fetchPreferredSource($g2_item)); + if ($g2_preferred && $g2_preferred instanceof GalleryDerivative) { + if (preg_match("/rotate\|(-?\d+)/", $g2_preferred->getDerivativeOperations(), $matches)) { + $tmpfile = tempnam(TMPPATH, "rotate"); + gallery_graphics::rotate($item->file_path(), $tmpfile, array("degrees" => $matches[1])); + $item->set_data_file($tmpfile); + $item->save(); + unlink($tmpfile); + } + } } catch (Exception $e) { $exception_info = (string) new G2_Import_Exception( t("Corrupt image '%path'", array("path" => $g2_path)), -- cgit v1.2.3 From 0014745d4ad0c5e95e4ebced95062a6272359bf5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 21:49:30 -0700 Subject: Add a button to the user profile page to let you reset your REST API key. This is useful if you think it's been compromised in some way. Fixes ticket #1226. --- modules/rest/controllers/rest.php | 16 ++++++++++++++++ modules/rest/helpers/rest.php | 10 ++++++++++ modules/rest/helpers/rest_event.php | 7 ------- modules/rest/views/reset_api_key_confirm.html.php | 7 +++++++ modules/rest/views/user_profile_rest.html.php | 3 +++ 5 files changed, 36 insertions(+), 7 deletions(-) create mode 100644 modules/rest/views/reset_api_key_confirm.html.php (limited to 'modules') diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index bf2f0a54..a721ff2b 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php @@ -37,6 +37,22 @@ class Rest_Controller extends Controller { rest::reply(rest::access_key()); } + public function reset_api_key_confirm() { + $form = new Forge("rest/reset_api_key", "", "post", array("id" => "g-reset-api-key")); + $group = $form->group("confirm_reset")->label(t("Confirm resetting your REST API key")); + $group->submit("")->value(t("Reset")); + $v = new View("reset_api_key_confirm.html"); + $v->form = $form; + print $v; + } + + public function reset_api_key() { + access::verify_csrf(); + rest::reset_access_key(); + message::success(t("Your REST API key has been reset.")); + json::reply(array("result" => "success")); + } + public function __call($function, $args) { try { $input = Input::instance(); diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 73d09c64..333daf95 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -87,6 +87,16 @@ class rest_Core { identity::set_active_user($user); } + static function reset_access_key() { + $key = ORM::factory("user_access_key") + ->where("user_id", "=", identity::active_user()->id) + ->find(); + if ($key->loaded()) { + $key->delete(); + } + return rest::access_key(); + } + static function access_key() { $key = ORM::factory("user_access_key") ->where("user_id", "=", identity::active_user()->id) diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index f23b9a58..6a42e893 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -54,13 +54,6 @@ class rest_event { self::_get_access_key_form($user, $form); } - /** - * Called when user is editing their own form - */ - static function user_edit_form($user, $form) { - self::_get_access_key_form($user, $form); - } - /** * Get the form fields for user edit */ diff --git a/modules/rest/views/reset_api_key_confirm.html.php b/modules/rest/views/reset_api_key_confirm.html.php new file mode 100644 index 00000000..3aae2a9a --- /dev/null +++ b/modules/rest/views/reset_api_key_confirm.html.php @@ -0,0 +1,7 @@ + +
    +

    + +

    + +
    diff --git a/modules/rest/views/user_profile_rest.html.php b/modules/rest/views/user_profile_rest.html.php index e81f3d0b..3e5d3dbf 100644 --- a/modules/rest/views/user_profile_rest.html.php +++ b/modules/rest/views/user_profile_rest.html.php @@ -4,6 +4,9 @@

  • Key: %key", array("key" => $rest_key)) ?> + "> + +

    • -- cgit v1.2.3 From 541a084cc1dcc6afa19ff526f1a12d0e878be5ab Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 21:51:26 -0700 Subject: "REST api" --> "REST API". --- modules/rest/helpers/rest_event.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index 6a42e893..d8c69e94 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -97,6 +97,6 @@ class rest_event { $key->save(); } $view->rest_key = $key->access_key; - $data->content[] = (object)array("title" => t("REST api"), "view" => $view); + $data->content[] = (object)array("title" => t("REST API"), "view" => $view); } } -- cgit v1.2.3 From b6a50140474b4ac20eb3bf6e1c9427674f728b54 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 00:29:28 -0700 Subject: Fix a pagination bug. Fixes ticket #1280. --- modules/comment/controllers/admin_manage_comments.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/comment/controllers/admin_manage_comments.php b/modules/comment/controllers/admin_manage_comments.php index 0ba3d6b0..0889dc4e 100644 --- a/modules/comment/controllers/admin_manage_comments.php +++ b/modules/comment/controllers/admin_manage_comments.php @@ -51,8 +51,10 @@ class Admin_Manage_Comments_Controller extends Admin_Controller { $view->content->state = $state; $view->content->comments = ORM::factory("comment") ->order_by("created", "DESC") + ->order_by("id", "DESC") ->where("state", "=", $state) - ->limit(self::$items_per_page, ($page - 1) * self::$items_per_page) + ->limit(self::$items_per_page) + ->offset(($page - 1) * self::$items_per_page) ->find_all(); $view->content->pager = new Pagination(); $view->content->pager->initialize( -- cgit v1.2.3 From 0ff81c7ded9e61a16a2f900edfbe98d48847bf59 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 15:18:25 -0700 Subject: The root album's edit form doesn't have a name field, so don't count on it being there in update(). Fixes ticket #1281. --- modules/gallery/controllers/albums.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index f3f5dee3..fb7d5c59 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -132,7 +132,9 @@ class Albums_Controller extends Items_Controller { $album->description = $form->edit_item->description->value; $album->sort_column = $form->edit_item->sort_order->column->value; $album->sort_order = $form->edit_item->sort_order->direction->value; - $album->name = $form->edit_item->inputs["name"]->value; + if (array_key_exists("name", $form->edit_item->inputs)) { + $album->name = $form->edit_item->inputs["name"]->value; + } $album->slug = $form->edit_item->slug->value; $album->validate(); } catch (ORM_Validation_Exception $e) { -- cgit v1.2.3 From d5dbd1677ffdc141823066e98fb5bb3842b0263c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 21:22:54 -0700 Subject: "Server Add" -> "Server add" (Sentence capitalization) --- modules/server_add/helpers/server_add_event.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/server_add/helpers/server_add_event.php b/modules/server_add/helpers/server_add_event.php index 631af02f..fd4ade71 100644 --- a/modules/server_add/helpers/server_add_event.php +++ b/modules/server_add/helpers/server_add_event.php @@ -22,7 +22,7 @@ class server_add_event_Core { $menu->get("settings_menu") ->append(Menu::factory("link") ->id("server_add") - ->label(t("Server Add")) + ->label(t("Server add")) ->url(url::site("admin/server_add"))); } @@ -35,7 +35,7 @@ class server_add_event_Core { $menu->get("add_menu") ->append(Menu::factory("dialog") ->id("server_add") - ->label(t("Server Add")) + ->label(t("Server add")) ->url(url::site("server_add/browse/$item->id"))); } } -- cgit v1.2.3 From f0d8aef0ead373f310c59c665f8973264815e784 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 22:51:14 -0700 Subject: "Content-type" --> "Content-Type". --- modules/gallery/controllers/file_proxy.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index 15b4279f..d4e0d4c7 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php @@ -127,7 +127,7 @@ class File_Proxy_Controller extends Controller { // Dump out the image. If the item is a movie, then its thumbnail will be a JPG. if ($item->is_movie() && $type != "albums") { - header("Content-type: image/jpeg"); + header("Content-Type: image/jpeg"); } else { header("Content-Type: $item->mime_type"); } -- cgit v1.2.3 From 3c18762fda9a91717b5defc300ace6bda61eb233 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 22:54:57 -0700 Subject: Change the way that this works. Now instead of sending back the image metadata and the data itself JSON encoded, we just send back the raw data with the right Content-Type. This, combined with code in Item_Model::as_restful_array() that swaps in /rest/data urls as appropriate, means that the RESTful payload has consistent urls when permissions are in play. --- modules/gallery/helpers/data_rest.php | 55 +++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 25 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/data_rest.php b/modules/gallery/helpers/data_rest.php index 48de2a3a..3cd2f59a 100644 --- a/modules/gallery/helpers/data_rest.php +++ b/modules/gallery/helpers/data_rest.php @@ -17,6 +17,11 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ + +/** + * This resource returns the raw contents of Item_Model data files. It's analogous to the + * file_proxy controller, but it uses the REST authentication model. + */ class data_rest_Core { static function get($request) { $item = rest::resolve($request->url); @@ -29,41 +34,41 @@ class data_rest_Core { switch ($p->size) { case "thumb": - $entity = array( - "width" => $item->thumb_width, - "height" => $item->thumb_height, - "path" => $item->thumb_path()); + $file = $item->thumb_path(); break; case "resize": - $entity = array( - "width" => $item->resize_width, - "height" => $item->resize_height, - "path" => $item->resize_path()); + $file = $item->resize_path(); break; case "full": - $entity = array( - "width" => $item->width, - "height" => $item->height, - "path" => $item->file_path()); + $file = $item->file_path(); break; } - if (file_exists($entity["path"]) && is_file($entity["path"])) { - $entity["size"] = filesize($entity["path"]); - $entity["contents"] = file_get_contents($entity["path"]); + if (!file_exists($file)) { + throw new Kohana_404_Exception(); + } + + // Note: this code is roughly duplicated in data_rest, so if you modify this, please look to + // see if you should make the same change there as well. + // + // We don't have a cache buster in the url, so don't set cache headers here. + // We don't need to save the session for this request + Session::instance()->abort_save(); + + // Dump out the image. If the item is a movie, then its thumbnail will be a JPG. + if ($item->is_movie() && $p->size == "thumb") { + header("Content-Type: image/jpeg"); } else { - $entity["size"] = null; - $entity["contents"] = null; + header("Content-Type: {$item->mime_type}"); } - unset($entity["path"]); + Kohana::close_buffers(false); + readfile($file); - $result = array( - "url" => $request->url, - "entity" => $entity, - "relationships" => rest::relationships("data", $item)); - return $result; + // We must exit here to keep the regular REST framework reply code from adding more bytes on + // at the end or tinkering with headers. + exit; } static function resolve($id) { @@ -74,7 +79,7 @@ class data_rest_Core { return $item; } - static function url($item) { - return url::abs_site("rest/data/{$item->id}"); + static function url($item, $size) { + return url::abs_site("rest/data/{$item->id}?size=$size"); } } -- cgit v1.2.3 From 9de371e1b3bda42fdaf564af502c0c986eeada10 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 22:55:58 -0700 Subject: Use the data_rest implementation to proxy access to raw thumb/resize/full data files when permissions are in play. --- modules/gallery/models/item.php | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 5257bbb9..1dea60e8 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -974,13 +974,26 @@ class Item_Model extends ORM_MPTT { unset($data["album_cover_item_id"]); if (access::can("view_full", $this) && $this->is_photo()) { - $data["file_url"] = $this->file_url(true); + if (access::user_can(identity::guest(), "view_full", $this)) { + $data["file_url"] = $this->file_url(true); + } else { + $data["file_url"] = rest::url("data", $this, "full"); + } } if (($tmp = $this->resize_url(true)) && $this->is_photo()) { - $data["resize_url"] = $tmp; + if (access::user_can(identity::guest(), "view", $this)) { + $data["resize_url"] = $tmp; + } else { + $data["resize_url"] = rest::url("data", $this, "resize"); + } + } + + if (access::user_can(identity::guest(), "view", $this)) { + $data["thumb_url"] = $this->thumb_url(true); + } else { + $data["thumb_url"] = rest::url("data", $this, "thumb"); } - $data["thumb_url"] = $this->thumb_url(true); $data["can_edit"] = access::can("edit", $this); // Elide some internal-only data that is going to cause confusion in the client. -- cgit v1.2.3 From a94bb197987deeee4b0046fb6566510080e087f6 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 23:01:47 -0700 Subject: Force the charset to UTF-8 when viewing the HTML form of REST output. --- modules/rest/helpers/rest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 333daf95..3a6b2cad 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -45,7 +45,7 @@ class rest_Core { break; case "html": - header("Content-type: text/html"); + header("Content-type: text/html; charset=UTF-8"); if ($data) { $html = preg_replace( "#([\w]+?://[\w]+[^ \'\"\n\r\t<]*)#ise", "'\\1'", -- cgit v1.2.3 From 524554c65b363adfd264c66dafe0671ba5115a1f Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 11 Aug 2010 21:02:57 -0700 Subject: Send back the content length of files. This fixes streaming movies. Fixes ticket #974. --- modules/gallery/controllers/file_proxy.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'modules') diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index d4e0d4c7..b17310c4 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php @@ -116,6 +116,8 @@ class File_Proxy_Controller extends Controller { throw new Kohana_404_Exception(); } + header("Content-Length: " . filesize($file)); + header("Pragma:"); // Check that the content hasn't expired or it wasn't changed since cached expires::check(2592000, $item->updated); -- cgit v1.2.3 From d9f8c8a295b760bb5b858c96f1658d50c321bd01 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 14 Aug 2010 14:56:28 -0700 Subject: Rebuild access_caches rows if they're missing, as necessary. Fixes ticket #1289. --- modules/gallery/helpers/gallery_task.php | 56 +++++++++++++++++++++++++++----- 1 file changed, 48 insertions(+), 8 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/gallery_task.php b/modules/gallery/helpers/gallery_task.php index bf1355b8..6a1fc28a 100644 --- a/modules/gallery/helpers/gallery_task.php +++ b/modules/gallery/helpers/gallery_task.php @@ -26,7 +26,9 @@ class gallery_task_Core { const FIX_STATE_RUN_DUPE_SLUGS = 5; const FIX_STATE_START_DUPE_NAMES = 6; const FIX_STATE_RUN_DUPE_NAMES = 7; - const FIX_STATE_DONE = 8; + const FIX_STATE_START_MISSING_ACCESS_CACHES = 8; + const FIX_STATE_RUN_MISSING_ACCESS_CACHES = 9; + const FIX_STATE_DONE = 10; static function available_tasks() { $dirty_count = graphics::find_dirty_images_query()->count_records(); @@ -323,15 +325,14 @@ class gallery_task_Core { $total = $task->get("total"); if (empty($total)) { // mptt: 2 operations for every item - // album audit (permissions and bogus album covers): 1 operation for every album - // dupe slugs: 1 operation for each unique conflicted slug $total = 2 * db::build()->count_records("items"); + // album audit (permissions and bogus album covers): 1 operation for every album $total += db::build()->where("type", "=", "album")->count_records("items"); - foreach (self::find_dupe_slugs() as $row) { - $total++; - } - foreach (self::find_dupe_names() as $row) { - $total++; + // one operation for each missing slug, name and access cache + foreach (array("find_dupe_slugs", "find_dupe_names", "find_missing_access_caches") as $func) { + foreach (self::$func() as $row) { + $total++; + } } $task->set("total", $total); @@ -542,6 +543,36 @@ class gallery_task_Core { $completed++; if (empty($stack)) { + $state = self::FIX_STATE_START_MISSING_ACCESS_CACHES; + } + break; + + case self::FIX_STATE_START_MISSING_ACCESS_CACHES: + $stack = array(); + foreach (self::find_missing_access_caches() as $row) { + $stack[] = $row->id; + } + if ($stack) { + $task->set("stack", implode(" ", $stack)); + $state = self::FIX_STATE_RUN_MISSING_ACCESS_CACHES; + } else { + $state = self::FIX_STATE_DONE; + } + break; + + case self::FIX_STATE_RUN_MISSING_ACCESS_CACHES: + $stack = explode(" ", $task->get("stack")); + $id = array_pop($stack); + $access_cache = ORM::factory("access_cache"); + $access_cache->item_id = $id; + $access_cache->save(); + $task->set("stack", implode(" ", $stack)); + $completed++; + if (empty($stack)) { + // The new cache rows are there, but they're incorrectly populated so we have to fix + // them. If this turns out to be too slow, we'll have to refactor + // access::recalculate_permissions to allow us to do it in slices. + access::recalculate_permissions(item::root()); $state = self::FIX_STATE_DONE; } break; @@ -587,4 +618,13 @@ class gallery_task_Core { ->group_by("parent_name") ->execute(); } + + static function find_missing_access_caches() { + return db::build() + ->select("items.id") + ->from("items") + ->join("access_caches", "items.id", "access_caches.item_id", "left") + ->where("access_caches.id", "is", null) + ->execute(); + } } \ No newline at end of file -- cgit v1.2.3 From 50e3230d79b8736f78ebaa4f1c7e6df1c29b3243 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 14 Aug 2010 15:10:07 -0700 Subject: Add a key on access_caches.item_id. Without this, the Fix task query to find missing access_caches is very slow. Bump Gallery module to v34. --- installer/install.sql | 5 +++-- modules/gallery/helpers/gallery_installer.php | 10 ++++++++-- modules/gallery/module.info | 2 +- 3 files changed, 12 insertions(+), 5 deletions(-) (limited to 'modules') diff --git a/installer/install.sql b/installer/install.sql index 0df82086..c6314aa7 100644 --- a/installer/install.sql +++ b/installer/install.sql @@ -10,7 +10,8 @@ CREATE TABLE {access_caches} ( `view_full_2` binary(1) NOT NULL DEFAULT '0', `edit_2` binary(1) NOT NULL DEFAULT '0', `add_2` binary(1) NOT NULL DEFAULT '0', - PRIMARY KEY (`id`) + PRIMARY KEY (`id`), + KEY `item_id` (`item_id`) ) AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; INSERT INTO {access_caches} VALUES (1,1,'1','0','0','1','0','0'); @@ -243,7 +244,7 @@ CREATE TABLE {modules} ( KEY `weight` (`weight`) ) AUTO_INCREMENT=11 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -INSERT INTO {modules} VALUES (1,1,'gallery',33,1); +INSERT INTO {modules} VALUES (1,1,'gallery',34,1); INSERT INTO {modules} VALUES (2,1,'user',3,2); INSERT INTO {modules} VALUES (3,1,'comment',3,3); INSERT INTO {modules} VALUES (4,1,'organize',1,4); diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 21c47ad5..569c5118 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -23,7 +23,8 @@ class gallery_installer { $db->query("CREATE TABLE {access_caches} ( `id` int(9) NOT NULL auto_increment, `item_id` int(9), - PRIMARY KEY (`id`)) + PRIMARY KEY (`id`), + KEY (`item_id`)) DEFAULT CHARSET=utf8;"); $db->query("CREATE TABLE {access_intents} ( @@ -299,7 +300,7 @@ class gallery_installer { module::set_var("gallery", "simultaneous_upload_limit", 5); module::set_var("gallery", "admin_area_timeout", 90 * 60); module::set_var("gallery", "maintenance_mode", 0); - module::set_version("gallery", 33); + module::set_version("gallery", 34); } static function upgrade($version) { @@ -578,6 +579,11 @@ class gallery_installer { $db->query("ALTER TABLE {items} ADD KEY (`left_ptr`)"); module::set_version("gallery", $version = 33); } + + if ($version == 33) { + $db->query("ALTER TABLE {access_caches} ADD KEY (`item_id`)"); + module::set_version("gallery", $version = 34); + } } static function uninstall() { diff --git a/modules/gallery/module.info b/modules/gallery/module.info index dbecda03..084a0945 100644 --- a/modules/gallery/module.info +++ b/modules/gallery/module.info @@ -1,3 +1,3 @@ name = "Gallery 3" description = "Gallery core application" -version = 33 +version = 34 -- cgit v1.2.3 From b562751fdb2ae8aab3a344e84176ea03381ca04c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 14 Aug 2010 15:45:16 -0700 Subject: Don't expose members of an item that are not viewable by the end user. This leaks item ids, but no other information about the item. Fixes ticket #1292. --- modules/gallery/helpers/items_rest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/helpers/items_rest.php b/modules/gallery/helpers/items_rest.php index 9cca9a54..f0b68d63 100644 --- a/modules/gallery/helpers/items_rest.php +++ b/modules/gallery/helpers/items_rest.php @@ -80,7 +80,7 @@ class items_rest_Core { "relationships" => rest::relationships("item", $item)); if ($item->type == "album") { $members = array(); - foreach ($item->children() as $child) { + foreach ($item->viewable()->children() as $child) { $members[] = rest::url("item", $child); } $item_rest["members"] = $members; -- cgit v1.2.3 From dbe595f15e9c3f359fa447cf270e914b6d6d809e Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 14 Aug 2010 16:10:32 -0700 Subject: Always use the data resource to return thumbs, resizes and full sizes. That way the client does not have to differentiate between RESTful request types and raw request types. If there's a public raw url, return that as well. --- modules/gallery/models/item.php | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) (limited to 'modules') diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 1dea60e8..c4591279 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -668,9 +668,9 @@ class Item_Model extends ORM_MPTT { public function resize_img($extra_attrs) { $attrs = array_merge($extra_attrs, array("src" => $this->resize_url(), - "alt" => $this->title, - "width" => $this->resize_width, - "height" => $this->resize_height) + "alt" => $this->title, + "width" => $this->resize_width, + "height" => $this->resize_height) ); // html::image forces an absolute url which we don't want return ""; @@ -973,27 +973,25 @@ class Item_Model extends ORM_MPTT { } unset($data["album_cover_item_id"]); - if (access::can("view_full", $this) && $this->is_photo()) { - if (access::user_can(identity::guest(), "view_full", $this)) { - $data["file_url"] = $this->file_url(true); - } else { - $data["file_url"] = rest::url("data", $this, "full"); - } + if (access::can("view_full", $this) && !$this->is_album()) { + $data["file_url"] = rest::url("data", $this, "full"); + } + if (access::user_can(identity::guest(), "view_full", $this)) { + $data["file_url_public"] = $this->file_url(true); } - if (($tmp = $this->resize_url(true)) && $this->is_photo()) { + if ($this->is_photo()) { + $data["resize_url"] = rest::url("data", $this, "resize"); if (access::user_can(identity::guest(), "view", $this)) { - $data["resize_url"] = $tmp; - } else { - $data["resize_url"] = rest::url("data", $this, "resize"); + $data["resize_url_public"] = $this->resize_url(true); } } + $data["thumb_url"] = rest::url("data", $this, "thumb"); if (access::user_can(identity::guest(), "view", $this)) { - $data["thumb_url"] = $this->thumb_url(true); - } else { - $data["thumb_url"] = rest::url("data", $this, "thumb"); + $data["thumb_url_public"] = $this->thumb_url(true); } + $data["can_edit"] = access::can("edit", $this); // Elide some internal-only data that is going to cause confusion in the client. -- cgit v1.2.3 From 6563ad1393b6d9a9cde44a127355359edae54843 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 14 Aug 2010 22:00:53 -0700 Subject: Return the right content type for album thumbnails (based on the album cover's mime type) --- modules/gallery/helpers/data_rest.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'modules') diff --git a/modules/gallery/helpers/data_rest.php b/modules/gallery/helpers/data_rest.php index 3cd2f59a..98c98894 100644 --- a/modules/gallery/helpers/data_rest.php +++ b/modules/gallery/helpers/data_rest.php @@ -57,9 +57,17 @@ class data_rest_Core { // We don't need to save the session for this request Session::instance()->abort_save(); + if ($item->is_album() && !$item->album_cover_item_id) { + // No thumbnail. Return nothing. + // @todo: what should we do here? + return; + } + // Dump out the image. If the item is a movie, then its thumbnail will be a JPG. if ($item->is_movie() && $p->size == "thumb") { header("Content-Type: image/jpeg"); + } else if ($item->is_album()) { + header("Content-Type: " . $item->album_cover()->mime_type); } else { header("Content-Type: {$item->mime_type}"); } -- cgit v1.2.3 From d2c59740b11c0764967410b233f3b01fc3dab85d Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 15 Aug 2010 00:00:31 -0700 Subject: Updated organize SWF to understand data resources. --- modules/organize/lib/Gallery3WebClient.swf | Bin 147776 -> 145197 bytes 1 file changed, 0 insertions(+), 0 deletions(-) (limited to 'modules') diff --git a/modules/organize/lib/Gallery3WebClient.swf b/modules/organize/lib/Gallery3WebClient.swf index 40249a73..b37a74c3 100644 Binary files a/modules/organize/lib/Gallery3WebClient.swf and b/modules/organize/lib/Gallery3WebClient.swf differ -- cgit v1.2.3 From a1be33f6ab9672cd4886e5b607001d30368613a1 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 15 Aug 2010 00:46:02 -0700 Subject: Verified. --- modules/gallery/tests/controller_auth_data.txt | 2 + modules/gallery/tests/xss_data.txt | 95 +++++++++++++------------- 2 files changed, 51 insertions(+), 46 deletions(-) (limited to 'modules') diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index 0864a928..8b776fb9 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt @@ -25,6 +25,8 @@ modules/gallery/controllers/welcome_message.php index modules/organize/controllers/organize.php dialog DIRTY_CSRF modules/organize/controllers/organize.php add_album_fields DIRTY_AUTH modules/rest/controllers/rest.php index DIRTY_CSRF|DIRTY_AUTH +modules/rest/controllers/rest.php reset_api_key_confirm DIRTY_AUTH +modules/rest/controllers/rest.php reset_api_key DIRTY_AUTH modules/rest/controllers/rest.php __call DIRTY_CSRF|DIRTY_AUTH modules/rss/controllers/rss.php feed DIRTY_CSRF|DIRTY_AUTH modules/search/controllers/search.php index DIRTY_CSRF|DIRTY_AUTH diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index ef92970b..3eae3d07 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -122,50 +122,52 @@ modules/gallery/views/admin_themes.html.php 76 DIRTY $info- modules/gallery/views/admin_themes.html.php 78 DIRTY $info->description modules/gallery/views/admin_themes_preview.html.php 8 DIRTY_ATTR $url modules/gallery/views/error_404.html.php 14 DIRTY $login_form -modules/gallery/views/error_admin.html.php 183 DIRTY $type -modules/gallery/views/error_admin.html.php 183 DIRTY $code -modules/gallery/views/error_admin.html.php 186 DIRTY $message -modules/gallery/views/error_admin.html.php 189 DIRTY_ATTR $error_id -modules/gallery/views/error_admin.html.php 194 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 194 DIRTY $line -modules/gallery/views/error_admin.html.php 199 DIRTY_ATTR ($num==$line)?"highlight":"" -modules/gallery/views/error_admin.html.php 199 DIRTY $num -modules/gallery/views/error_admin.html.php 199 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) -modules/gallery/views/error_admin.html.php 211 DIRTY_ATTR $source_id -modules/gallery/views/error_admin.html.php 211 DIRTY_JS $source_id -modules/gallery/views/error_admin.html.php 211 DIRTY Kohana_Exception::debug_path($step["file"]) -modules/gallery/views/error_admin.html.php 211 DIRTY $step["line"] -modules/gallery/views/error_admin.html.php 213 DIRTY Kohana_Exception::debug_path($step["file"]) -modules/gallery/views/error_admin.html.php 213 DIRTY $step["line"] -modules/gallery/views/error_admin.html.php 220 DIRTY $step["function"] -modules/gallery/views/error_admin.html.php 221 DIRTY_ATTR $args_id -modules/gallery/views/error_admin.html.php 221 DIRTY_JS $args_id -modules/gallery/views/error_admin.html.php 225 DIRTY_ATTR $args_id -modules/gallery/views/error_admin.html.php 230 DIRTY $name -modules/gallery/views/error_admin.html.php 233 DIRTY Kohana_Exception::safe_dump($arg,$name) -modules/gallery/views/error_admin.html.php 241 DIRTY_ATTR $source_id -modules/gallery/views/error_admin.html.php 241 DIRTY_ATTR ($num==$step["line"])?"highlight":"" -modules/gallery/views/error_admin.html.php 241 DIRTY $num -modules/gallery/views/error_admin.html.php 241 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) -modules/gallery/views/error_admin.html.php 251 DIRTY_ATTR $env_id=$error_id."environment" -modules/gallery/views/error_admin.html.php 251 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 253 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 255 DIRTY_ATTR $env_id=$error_id."environment_included" -modules/gallery/views/error_admin.html.php 255 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 255 DIRTY count($included) -modules/gallery/views/error_admin.html.php 256 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 261 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 268 DIRTY_ATTR $env_id=$error_id."environment_loaded" -modules/gallery/views/error_admin.html.php 268 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 268 DIRTY count($included) -modules/gallery/views/error_admin.html.php 269 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 274 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 282 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) -modules/gallery/views/error_admin.html.php 283 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 283 DIRTY $var -modules/gallery/views/error_admin.html.php 284 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 290 DIRTY $key -modules/gallery/views/error_admin.html.php 294 DIRTY Kohana_Exception::safe_dump($value,$key) +modules/gallery/views/error_admin.html.php 178 DIRTY @gallery_block::get("platform_info") +modules/gallery/views/error_admin.html.php 179 DIRTY @gallery_block::get("stats") +modules/gallery/views/error_admin.html.php 184 DIRTY $type +modules/gallery/views/error_admin.html.php 184 DIRTY $code +modules/gallery/views/error_admin.html.php 187 DIRTY $message +modules/gallery/views/error_admin.html.php 190 DIRTY_ATTR $error_id +modules/gallery/views/error_admin.html.php 195 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 195 DIRTY $line +modules/gallery/views/error_admin.html.php 200 DIRTY_ATTR ($num==$line)?"highlight":"" +modules/gallery/views/error_admin.html.php 200 DIRTY $num +modules/gallery/views/error_admin.html.php 200 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 212 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 212 DIRTY_JS $source_id +modules/gallery/views/error_admin.html.php 212 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 212 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 214 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 214 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 221 DIRTY $step["function"] +modules/gallery/views/error_admin.html.php 222 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 222 DIRTY_JS $args_id +modules/gallery/views/error_admin.html.php 226 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 231 DIRTY $name +modules/gallery/views/error_admin.html.php 234 DIRTY Kohana_Exception::safe_dump($arg,$name) +modules/gallery/views/error_admin.html.php 242 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 242 DIRTY_ATTR ($num==$step["line"])?"highlight":"" +modules/gallery/views/error_admin.html.php 242 DIRTY $num +modules/gallery/views/error_admin.html.php 242 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 252 DIRTY_ATTR $env_id=$error_id."environment" +modules/gallery/views/error_admin.html.php 252 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 254 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 256 DIRTY_ATTR $env_id=$error_id."environment_included" +modules/gallery/views/error_admin.html.php 256 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 256 DIRTY count($included) +modules/gallery/views/error_admin.html.php 257 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 262 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 269 DIRTY_ATTR $env_id=$error_id."environment_loaded" +modules/gallery/views/error_admin.html.php 269 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 269 DIRTY count($included) +modules/gallery/views/error_admin.html.php 270 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 275 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 283 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) +modules/gallery/views/error_admin.html.php 284 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 284 DIRTY $var +modules/gallery/views/error_admin.html.php 285 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 291 DIRTY $key +modules/gallery/views/error_admin.html.php 295 DIRTY Kohana_Exception::safe_dump($value,$key) modules/gallery/views/form_uploadify.html.php 9 DIRTY_JS url::file("lib/uploadify/uploadify.swf") modules/gallery/views/form_uploadify.html.php 10 DIRTY_JS url::site("uploader/add_photo/{$album->id}") modules/gallery/views/form_uploadify.html.php 14 DIRTY_JS url::file("lib/uploadify/cancel.png") @@ -294,6 +296,7 @@ modules/organize/views/organize_dialog.html.php 136 DIRTY_ATTR requ modules/recaptcha/views/admin_recaptcha.html.php 11 DIRTY $form modules/recaptcha/views/admin_recaptcha.html.php 23 DIRTY_JS $public_key modules/recaptcha/views/form_recaptcha.html.php 7 DIRTY_JS $public_key +modules/rest/views/reset_api_key_confirm.html.php 6 DIRTY $form modules/rss/views/feed.mrss.php 10 DIRTY $feed->uri modules/rss/views/feed.mrss.php 13 DIRTY_JS $feed->uri modules/rss/views/feed.mrss.php 16 DIRTY_JS $feed->previous_page_uri @@ -367,8 +370,8 @@ themes/admin_wind/views/admin.html.php 61 DIRTY $theme themes/admin_wind/views/admin.html.php 68 DIRTY $content themes/admin_wind/views/admin.html.php 74 DIRTY $sidebar themes/admin_wind/views/admin.html.php 79 DIRTY $theme->admin_footer() -themes/admin_wind/views/admin.html.php 81 DIRTY $theme->admin_credits() -themes/admin_wind/views/admin.html.php 85 DIRTY $theme->admin_page_bottom() +themes/admin_wind/views/admin.html.php 82 DIRTY $theme->admin_credits() +themes/admin_wind/views/admin.html.php 87 DIRTY $theme->admin_page_bottom() themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor themes/admin_wind/views/block.html.php 5 DIRTY $id themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id -- cgit v1.2.3 From ff1d8aea2f2805f85ce3cc7e4079d04fb9f1bac4 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 15 Aug 2010 01:59:54 -0700 Subject: We use UTF-8 everywhere. Fixes ticket #1285. --- modules/gallery/controllers/user_profile.php | 2 +- modules/gallery/tests/Sendmail_Test.php | 4 ++-- modules/gallery/views/error_admin.html.php | 2 +- modules/gallery/views/error_user.html.php | 2 +- modules/notification/helpers/notification.php | 6 +++--- modules/rest/helpers/rest.php | 2 +- modules/user/controllers/password.php | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 726d3e51..e992655b 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -56,7 +56,7 @@ class User_Profile_Controller extends Controller { ->to($user->email) ->subject(html::clean($form->message->subject->value)) ->header("Mime-Version", "1.0") - ->header("Content-type", "text/html; charset=iso-8859-1") + ->header("Content-type", "text/html; charset=UTF-8") ->reply_to($form->message->reply_to->value) ->message(html::purify($form->message->message->value)) ->send(); diff --git a/modules/gallery/tests/Sendmail_Test.php b/modules/gallery/tests/Sendmail_Test.php index b20543d1..b9406047 100644 --- a/modules/gallery/tests/Sendmail_Test.php +++ b/modules/gallery/tests/Sendmail_Test.php @@ -65,14 +65,14 @@ class Sendmail_Test extends Gallery_Unit_Test_Case { "From: from@gallery3.com\n" . "Reply-To: public@gallery3.com\n" . "MIME-Version: 1.0\n" . - "Content-type: text/html; charset=iso-8859-1\r\n" . + "Content-Type: text/html; charset=UTF-8\r\n" . "Subject: Test Email Unit test\r\n\r\n" . "

    This is an html msg

    "; $result = Sendmail_For_Test::factory() ->to("receiver@someemail.com") ->subject("Test Email Unit test") ->header("MIME-Version", "1.0") - ->header("Content-type", "text/html; charset=iso-8859-1") + ->header("Content-Type", "text/html; charset=UTF-8") ->message("

    This is an html msg

    ") ->send() ->send_text; diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php index f5004eae..af78c59c 100644 --- a/modules/gallery/views/error_admin.html.php +++ b/modules/gallery/views/error_admin.html.php @@ -120,7 +120,7 @@ font-size: 1.1em; } - + <?= t("Something went wrong!") ?>