From a1a3d4f59568dc7de2b309796752a49242fde6f0 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 23 Jan 2010 14:57:10 -0800 Subject: Correct the javascript so it will find the "Continue" button in other languages than english. --- modules/gallery/views/admin_modules.html.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/gallery/views/admin_modules.html.php b/modules/gallery/views/admin_modules.html.php index a021d969..26b2c87c 100644 --- a/modules/gallery/views/admin_modules.html.php +++ b/modules/gallery/views/admin_modules.html.php @@ -22,7 +22,7 @@ buttons: { for_js() ?>: function() { $("form", this).submit(); - $(".ui-dialog-buttonpane button:contains(Continue)") + $(".ui-dialog-buttonpane button:contains()") .attr("disabled", "disabled") .addClass("ui-state-disabled"); }, @@ -32,7 +32,7 @@ } }); if (!data.allow_continue) { - $(".ui-dialog-buttonpane button:contains(Continue)") + $(".ui-dialog-buttonpane button:contains()") .attr("disabled", "disabled") .addClass("ui-state-disabled"); } -- cgit v1.2.3 From c9b775c21abdf157b635ee023100f25488b89a03 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 23 Jan 2010 15:46:01 -0800 Subject: Fix for bug 984, consistently interpret installed / available locales as array. On the current hostgater setup (PHP 5.2.12), locales::available() was returning an array and isset($locales->$code) would always (silently) return false. Choosing array over stdClass since count($someStdClass) will always return 1, and not the number of object members. --- modules/gallery/helpers/locales.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index 8d76e333..5c8c227a 100644 --- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php 
@@ -41,7 +41,7 @@ class locales_Core {
 $default = module::get_var("gallery", "default_locale");
 $codes = explode("|", module::get_var("gallery", "installed_locales", $default));
 foreach ($codes as $code) {
- if (isset($available->$code)) {
+ if (isset($available[$code])) {
 $installed[$code] = $available[$code];
 }
 }
@@ -127,7 +127,7 @@ class locales_Core {
 }
 $locale or $locale = Gallery_I18n::instance()->locale();
- return self::$locales["$locale"];
+ return self::$locales[$locale];
 }
 static function is_rtl($locale=null) {
-- cgit v1.2.3
From 61e31b6f77a803ec0bf43e4ca8e36d61f90941a8 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta
Date: Sat, 23 Jan 2010 16:44:30 -0800
Subject: Fix typo: change $entryr to $entry->user
---
 modules/gallery/views/admin_block_log_entries.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'modules')
diff --git a/modules/gallery/views/admin_block_log_entries.html.php b/modules/gallery/views/admin_block_log_entries.html.php
index 90ce88a7..453724cb 100644
--- a/modules/gallery/views/admin_block_log_entries.html.php
+++ b/modules/gallery/views/admin_block_log_entries.html.php
@@ -2,7 +2,7 @@
  • - user->name) ?> + user->name) ?> timestamp) ?> message ?> html ?> -- cgit v1.2.3 From ed5b07b335d8bd1520f3b54bf28272f853bbfbfb Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 23 Jan 2010 21:38:01 -0800 Subject: Create a user profile page that is used as a landing page when referencing a user in messages or pages. Partial fix for ticket #889 and a fix for #931. --- .../views/admin_block_recent_comments.html.php | 3 +- modules/comment/views/comment.html.php | 3 +- modules/comment/views/comments.html.php | 3 +- modules/gallery/controllers/user_profile.php | 80 ++++++++++++++++++++++ modules/gallery/helpers/gallery_event.php | 4 +- modules/gallery/helpers/user_profile.php | 55 +++++++++++++++ .../gallery/views/admin_block_log_entries.html.php | 2 +- modules/gallery/views/login_current_user.html.php | 9 +-- modules/gallery/views/user_profile.html.php | 69 +++++++++++++++++++ modules/recaptcha/helpers/recaptcha_event.php | 6 ++ 10 files changed, 222 insertions(+), 12 deletions(-) create mode 100644 modules/gallery/controllers/user_profile.php create mode 100644 modules/gallery/helpers/user_profile.php create mode 100644 modules/gallery/views/user_profile.html.php (limited to 'modules') diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php index d9776def..99f72a30 100644 --- a/modules/comment/views/admin_block_recent_comments.html.php +++ b/modules/comment/views/admin_block_recent_comments.html.php @@ -8,8 +8,9 @@ width="32" height="32" /> created) ?> - %author_name said %comment_text', + %author_name said %comment_text', array("author_name" => html::clean($comment->author_name()), + "url" => user_profile::url($comment->author_id), "comment_text" => text::limit_words(nl2br(html::purify($comment->text)), 50))); ?>
  • diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php index 2c485b53..c4cf1ce0 100644 --- a/modules/comment/views/comment.html.php +++ b/modules/comment/views/comment.html.php @@ -8,8 +8,9 @@ width="40" height="40" /> - %name said", + %name said", array("date_time" => gallery::date_time($comment->created), + "url" => user_profile::url($comment->author_id), "name" => html::clean($comment->author_name()))) ?>

    diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php index fc54e3d2..c8236997 100644 --- a/modules/comment/views/comments.html.php +++ b/modules/comment/views/comments.html.php @@ -22,8 +22,9 @@ width="40" height="40" /> - %name said', + %name said', array("date" => date("Y-M-d H:i:s", $comment->created), + "url" => user_profile::url($comment->author_id), "name" => html::clean($comment->author_name()))); ?>

    diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php new file mode 100644 index 00000000..808531da --- /dev/null +++ b/modules/gallery/controllers/user_profile.php 
@@ -0,0 +1,80 @@
+id == $id;
+ $display_all = $active_user->admin || ($is_current_active && !$active_user->guest);
+
+ $v = new Theme_View("page.html", "other", "profile");
+ $v->page_title = t("%name Profile", array("name" => $user->display_name()));
+ $v->content = new View("user_profile.html");
+
+ // @todo modify user_home to supply a link to their album,
+ // @todo add list of watches
+ // @todo add all comments
+ // @todo add rest api key
+ $v->content->user = $user;
+ $v->content->height = 250;
+ $v->content->not_current = !$is_current_active;
+ $v->content->editable = identity::is_writable() && $display_all;
+ $v->content->return = SafeString::of(Input::instance()->get("return"));
+
+ $fields = array("name" => t("Name"), "locale" => t("Locale"), "email" => t("Email"),
+ "full_name" => t("Full name"), "url" => "Web site");
+ if (!$display_all) {
+ $fields = array("name" => t("Name"), "full_name" => t("Full name"), "url" => "Web site");
+ }
+ $v->content->fields = array();
+ foreach ($fields as $field => $label) {
+ if (!empty($user->$field)) {
+ $v->content->fields[(string)$label->for_html()] = $user->$field;
+ }
+ }
+
+ print $v;
+ }
+
+ public function contact($id) {
+ $user = identity::lookup_user($id);
+ print user_profile::get_contact_form($user);
+ }
+
+ public function send($id) {
+ $user = identity::lookup_user($id);
+ $form = user_profile::get_contact_form($user);
+ if ($form->validate()) {
+ Sendmail::factory()
+ ->to($user->email)
+ ->subject($form->message->subject->value)
+ ->header("Mime-Version", "1.0")
+ ->header("Content-type", "text/html; charset=iso-8859-1")
+ ->reply_to($form->message->reply_to->value)
+ ->message($form->message->message->value)
+ ->send();
+ message::success(t("Sent message to %user_name", array("user_name" => $user->display_name())));
+ print json_encode(array("result" => "success"));
+ } else {
+ print json_encode(array("result" => "error", "form" => (string)$form));
+ }
+ }
+}
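Review bot: `contact($id)` and `send($id)` use the result of `identity::lookup_user($id)` without checking that a user was found or that this recipient may be contacted, so any request that reaches the `send` action makes the server mail `$user->email`; nothing in this hunk limits the target to non-guest accounts with an address, and the recaptcha hook added in the same commit only applies when a public key is configured. I would start both actions with a guard such as `if (!$user || $user->guest || empty($user->email)) { /* respond 404 */ }`. The body is sent as `text/html` with `$form->message->message->value` passed through unchanged, so the recipient receives sender-controlled markup; `->message(html::purify($form->message->message->value))` or a plain-text content type avoids that. `subject` is validated for length only, and whether `Sendmail` strips CR/LF from header values is not visible here, so that should be confirmed. The opening of `show()` is cut off in this rendering and is not covered by this note.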
diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 6175e049..29940ac6 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -111,11 +111,11 @@ class gallery_event_Core { ->label(t("Login"))); } else { $csrf = access::csrf_token(); - $menu->append(Menu::factory("dialog") + $menu->append(Menu::factory("link") ->id("user_menu_edit_profile") ->css_id("g-user-profile-link") ->view("login_current_user.html") - ->url(url::site("form/edit/user/{$user->id}")) + ->url(user_profile::url($user->id)) ->label($user->display_name())); $menu->append(Menu::factory("link") ->id("user_menu_logout") diff --git a/modules/gallery/helpers/user_profile.php b/modules/gallery/helpers/user_profile.php new file mode 100644 index 00000000..018e1bd1 --- /dev/null +++ b/modules/gallery/helpers/user_profile.php @@ -0,0 +1,55 @@ +id}", "", "post", + array("id" => "g-user-profile-contact-form")); + $group = $form->group("message") + ->label(t("Compose message to %name", array("name" => $user->display_name()))); + $group->input("reply_to") + ->label(t("From:")) + ->rules("required|length[1, 256]|valid_email") + ->error_messages("required", t("Field is required")) + ->error_messages("max_length", t("Field exceeds 256 bytes")) + ->error_messages("valid_email", t("Field is not a valid email address")); + $group->input("subject") + ->label(t("Subject:")) + ->rules("required|length[1, 256]") + ->error_messages("required", t("Field is required")) + ->error_messages("max_length", t("Field exceeds 256 bytes")); + $group->textarea("message") + ->label(t("Message:")) + ->rules("required") + ->error_messages("required", t("Field is required")); + module::event("user_profile_contact_form", $form); + $group->submit("")->value(t("Send")); + return $form; + } +} 
diff --git a/modules/gallery/views/admin_block_log_entries.html.php b/modules/gallery/views/admin_block_log_entries.html.php index 780ff2d0..90ce88a7 100644 --- a/modules/gallery/views/admin_block_log_entries.html.php +++ b/modules/gallery/views/admin_block_log_entries.html.php @@ -2,7 +2,7 @@
    • - user_id") ?>">user->name) ?> + user->name) ?> timestamp) ?> message ?> html ?> diff --git a/modules/gallery/views/login_current_user.html.php b/modules/gallery/views/login_current_user.html.php index e3b3688f..39f52b51 100644 --- a/modules/gallery/views/login_current_user.html.php +++ b/modules/gallery/views/login_current_user.html.php @@ -1,11 +1,8 @@
    • label->for_html() ?> - + for_html_attr() : + t("Display your profile")->for_html_attr() ?> html::mark_clean( - "{$name}"))) ?> - - $name)) ?> - + "{$name}"))) ?>
    • diff --git a/modules/gallery/views/user_profile.html.php b/modules/gallery/views/user_profile.html.php new file mode 100644 index 00000000..e7ce56b3 --- /dev/null +++ b/modules/gallery/views/user_profile.html.php @@ -0,0 +1,69 @@ + + + +
      +

      $user->display_name())) ?>

      +
      +
      + +
      + + $value): ?> + + + + + +
      +
      +
      +
      +
      + guest && $not_current && !empty($user->email)): ?> + id}") ?>"> + + + + + id}") ?>"> + + + + + + + +
      +
      \ No newline at end of file diff --git a/modules/recaptcha/helpers/recaptcha_event.php b/modules/recaptcha/helpers/recaptcha_event.php index e7ded3ab..a7f64bdd 100644 --- a/modules/recaptcha/helpers/recaptcha_event.php +++ b/modules/recaptcha/helpers/recaptcha_event.php @@ -18,6 +18,12 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class recaptcha_event_Core { + static function user_profile_contact_form($form) { + if (module::get_var("recaptcha", "public_key")) { + $form->message->recaptcha("recaptcha")->label("")->id("g-recaptcha"); + } + } + static function comment_add_form($form) { if (module::get_var("recaptcha", "public_key")) { $form->add_comment->recaptcha("recaptcha")->label("")->id("g-recaptcha"); -- cgit v1.2.3 From c39437a1929a3383e66f6bc8d6fc1a367de23f27 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 23 Jan 2010 23:52:29 -0800 Subject: Change the hover text to just display 'Your profile'. --- modules/gallery/views/login_current_user.html.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/gallery/views/login_current_user.html.php b/modules/gallery/views/login_current_user.html.php index 39f52b51..94525576 100644 --- a/modules/gallery/views/login_current_user.html.php +++ b/modules/gallery/views/login_current_user.html.php @@ -1,8 +1,7 @@
    • label->for_html() ?> - for_html_attr() : - t("Display your profile")->for_html_attr() ?> + for_html_attr() ?> html::mark_clean( "{$name}"))) ?>
    • -- cgit v1.2.3 From 3b8636e5298f61eee3d9953468ef648c36e64e5c Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 23 Jan 2010 23:53:16 -0800 Subject: Update the Xss_Security_Test and the Controller_Auth_Test. --- modules/gallery/tests/controller_auth_data.txt | 3 ++ modules/gallery/tests/xss_data.txt | 51 +++++++++++++++----------- 2 files changed, 32 insertions(+), 22 deletions(-) (limited to 'modules') diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index beabee49..da7108d8 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt @@ -19,6 +19,9 @@ modules/gallery/controllers/quick.php form_edit modules/gallery/controllers/simple_uploader.php start DIRTY_AUTH modules/gallery/controllers/simple_uploader.php finish DIRTY_AUTH modules/gallery/controllers/upgrader.php index DIRTY_AUTH +modules/gallery/controllers/user_profile.php show DIRTY_CSRF|DIRTY_AUTH +modules/gallery/controllers/user_profile.php contact DIRTY_AUTH +modules/gallery/controllers/user_profile.php send DIRTY_AUTH modules/gallery/controllers/welcome_message.php index DIRTY_AUTH modules/rest/controllers/rest.php access_key DIRTY_CSRF|DIRTY_AUTH modules/rest/controllers/rest.php __call DIRTY_AUTH diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 1530c73e..a89725c0 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt 
@@ -43,6 +43,7 @@ modules/g2_import/views/admin_g2_import.html.php 30 DIRTY $form modules/gallery/views/admin_advanced_settings.html.php 21 DIRTY_ATTR text::alternate("g-odd","g-even") modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY_ATTR log::severity_class($entry->severity) +modules/gallery/views/admin_block_log_entries.html.php 5 DIRTY_JS user_profile::url($entryr->id) modules/gallery/views/admin_block_log_entries.html.php 6 DIRTY gallery::date_time($entry->timestamp) modules/gallery/views/admin_block_log_entries.html.php 7 DIRTY $entry->message modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY $entry->html @@ -66,11 +67,6 @@ modules/gallery/views/admin_graphics_graphicsmagick.html.php 18 DIRTY $tk->e modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY_ATTR $is_active?" g-selected":"" modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY_ATTR $tk->installed?" g-installed-toolkit":" g-unavailable" modules/gallery/views/admin_graphics_imagemagick.html.php 18 DIRTY $tk->error -modules/gallery/views/admin_identity.html.php 43 DIRTY access::csrf_form_field() -modules/gallery/views/admin_identity.html.php 50 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_identity.html.php 52 DIRTY form::radio($data,$module_name,$module_name==$active) -modules/gallery/views/admin_identity_confirm.html.php 3 DIRTY access::csrf_form_field() -modules/gallery/views/admin_identity_confirm.html.php 4 DIRTY form::hidden("provider",$new_provider) modules/gallery/views/admin_languages.html.php 43 DIRTY access::csrf_form_field() modules/gallery/views/admin_languages.html.php 60 DIRTY_ATTR (isset($installed_locales[$code]))?"g-available":"" modules/gallery/views/admin_languages.html.php 60 DIRTY_ATTR ($default_locale==$code)?" g-selected":"" 
@@ -98,10 +94,16 @@ modules/gallery/views/admin_maintenance.html.php 158 DIRTY $task- modules/gallery/views/admin_maintenance_show_log.html.php 8 DIRTY_JS url::site("admin/maintenance/save_log/$task->id?csrf=$csrf") modules/gallery/views/admin_maintenance_show_log.html.php 13 DIRTY $task->name modules/gallery/views/admin_maintenance_task.html.php 55 DIRTY $task->name -modules/gallery/views/admin_modules.html.php 10 DIRTY access::csrf_form_field() -modules/gallery/views/admin_modules.html.php 19 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_modules.html.php 22 DIRTY form::checkbox($data,'1',module::is_active($module_name)) -modules/gallery/views/admin_modules.html.php 24 DIRTY $module_info->version +modules/gallery/views/admin_modules.html.php 25 DIRTY_JS t("Continue") +modules/gallery/views/admin_modules.html.php 35 DIRTY_JS t("Continue") +modules/gallery/views/admin_modules.html.php 51 DIRTY access::csrf_form_field() +modules/gallery/views/admin_modules.html.php 60 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/gallery/views/admin_modules.html.php 63 DIRTY form::checkbox($data,'1',module::is_active($module_name)) +modules/gallery/views/admin_modules.html.php 65 DIRTY $module_info->version +modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY_ATTR $class +modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY $message +modules/gallery/views/admin_modules_confirm.html.php 16 DIRTY access::csrf_form_field() +modules/gallery/views/admin_modules_confirm.html.php 18 DIRTY form::hidden($module,1) modules/gallery/views/admin_sidebar.html.php 50 DIRTY $available modules/gallery/views/admin_sidebar.html.php 58 DIRTY $active modules/gallery/views/admin_sidebar_blocks.html.php 4 DIRTY_ATTR $ref 
@@ -118,11 +120,11 @@ modules/gallery/views/admin_themes.html.php 62 DIRTY $theme modules/gallery/views/admin_themes.html.php 76 DIRTY $info->name modules/gallery/views/admin_themes.html.php 78 DIRTY $info->description modules/gallery/views/admin_themes_preview.html.php 7 DIRTY_ATTR $url -modules/gallery/views/form_uploadify.html.php 24 DIRTY_JS url::file("lib/uploadify/uploadify.swf") -modules/gallery/views/form_uploadify.html.php 25 DIRTY_JS url::site("simple_uploader/add_photo/{$album->id}") -modules/gallery/views/form_uploadify.html.php 29 DIRTY_JS url::file("lib/uploadify/cancel.png") -modules/gallery/views/form_uploadify.html.php 30 DIRTY_JS $simultaneous_upload_limit -modules/gallery/views/form_uploadify.html.php 55 DIRTY_JS t("Completed") +modules/gallery/views/form_uploadify.html.php 30 DIRTY_JS url::file("lib/uploadify/uploadify.swf") +modules/gallery/views/form_uploadify.html.php 31 DIRTY_JS url::site("simple_uploader/add_photo/{$album->id}") +modules/gallery/views/form_uploadify.html.php 35 DIRTY_JS url::file("lib/uploadify/cancel.png") +modules/gallery/views/form_uploadify.html.php 36 DIRTY_JS $simultaneous_upload_limit +modules/gallery/views/form_uploadify.html.php 61 DIRTY_JS t("Completed") modules/gallery/views/in_place_edit.html.php 2 DIRTY form::open($action,array("method"=>"post","id"=>"g-in-place-edit-form","class"=>"g-short-form"),$hidden) modules/gallery/views/in_place_edit.html.php 5 DIRTY form::input("input",$form["input"]," class=\"textbox\"") modules/gallery/views/in_place_edit.html.php 12 DIRTY form::close() 
@@ -217,6 +219,10 @@ modules/gallery/views/upgrader.html.php 77 DIRTY $modul modules/gallery/views/upgrader.html.php 99 DIRTY_ATTR $done?"muted":"" modules/gallery/views/upgrader.html.php 102 DIRTY_ATTR $done?"muted":"" modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected) +modules/gallery/views/user_profile.html.php 35 DIRTY_ATTR $height +modules/gallery/views/user_profile.html.php 44 DIRTY $field +modules/gallery/views/user_profile.html.php 45 DIRTY $value +modules/gallery/views/user_profile.html.php 65 DIRTY_JS $return->for_html_attr() modules/image_block/views/image_block_block.html.php 3 DIRTY_JS $item->url() modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class"=>"g-thumbnail")) modules/info/views/info_block.html.php 22 DIRTY date("M j, Y H:i:s",$item->captured) 
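Review bot: The new baseline rows `user_profile.html.php 44 DIRTY $field` and `45 DIRTY $value` accept unescaped output in the new profile view instead of fixing it. In the commit that adds the view, the controller fills `fields` from `$user->$field` (name, full name, URL, e-mail), so `$value` is text chosen by the account holder; assuming `DIRTY` means here what it means for the other rows (output that does not pass through an escaper), the view should print `html::clean($value)` and these rows should drop out of the baseline. The `65 DIRTY_JS $return->for_html_attr()` row deserves the same treatment: `return` is taken from the `return` query parameter and is attribute-escaped while the test classifies the sink as JavaScript, so the escaping should match the context, and if the value is used as a navigation target it should be restricted to local URLs.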
@@ -326,14 +332,15 @@ themes/admin_wind/views/admin.html.php 16 DIRTY_JS $theme themes/admin_wind/views/admin.html.php 33 DIRTY $theme->admin_head() themes/admin_wind/views/admin.html.php 37 DIRTY $theme->admin_page_top() themes/admin_wind/views/admin.html.php 45 DIRTY $theme->admin_header_top() -themes/admin_wind/views/admin.html.php 60 DIRTY_JS item::root()->url() -themes/admin_wind/views/admin.html.php 64 DIRTY $theme->admin_menu() -themes/admin_wind/views/admin.html.php 66 DIRTY $theme->admin_header_bottom() -themes/admin_wind/views/admin.html.php 73 DIRTY $content -themes/admin_wind/views/admin.html.php 79 DIRTY $sidebar -themes/admin_wind/views/admin.html.php 84 DIRTY $theme->admin_footer() -themes/admin_wind/views/admin.html.php 86 DIRTY $theme->admin_credits() -themes/admin_wind/views/admin.html.php 90 DIRTY $theme->admin_page_bottom() +themes/admin_wind/views/admin.html.php 46 DIRTY_JS item::root()->url() +themes/admin_wind/views/admin.html.php 49 DIRTY $theme->user_menu() +themes/admin_wind/views/admin.html.php 51 DIRTY $theme->admin_menu() +themes/admin_wind/views/admin.html.php 53 DIRTY $theme->admin_header_bottom() +themes/admin_wind/views/admin.html.php 60 DIRTY $content +themes/admin_wind/views/admin.html.php 66 DIRTY $sidebar +themes/admin_wind/views/admin.html.php 71 DIRTY $theme->admin_footer() +themes/admin_wind/views/admin.html.php 73 DIRTY $theme->admin_credits() +themes/admin_wind/views/admin.html.php 77 DIRTY $theme->admin_page_bottom() themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor themes/admin_wind/views/block.html.php 5 DIRTY $id themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id -- cgit v1.2.3 From 7c06e21ec443a46bd78bc9e99d8284283ff85c59 Mon Sep 17 00:00:00 2001 
From: Tim Almdal Date: Sun, 24 Jan 2010 15:27:33 -0800 Subject: Refactor creating the user profile page content into the the event module. The show_user_profile is used to provide content to the user profile page. Add the list of the users comments to the profile page. --- modules/comment/helpers/comment_event.php | 12 +++++++ .../comment/views/user_profile_comments.html.php | 20 ++++++++++++ modules/gallery/controllers/user_profile.php | 17 +++------- modules/gallery/helpers/gallery_event.php | 18 +++++++++++ modules/gallery/views/user_profile.html.php | 37 +++++++++------------- modules/gallery/views/user_profile_info.html.php | 9 ++++++ 6 files changed, 78 insertions(+), 35 deletions(-) create mode 100644 modules/comment/views/user_profile_comments.html.php create mode 100644 modules/gallery/views/user_profile_info.html.php (limited to 'modules') diff --git a/modules/comment/helpers/comment_event.php b/modules/comment/helpers/comment_event.php index bd336cda..12e8d73f 100644 --- a/modules/comment/helpers/comment_event.php +++ b/modules/comment/helpers/comment_event.php @@ -76,4 +76,16 @@ class comment_event_Core { $data[] = $row->text; } } + + static function show_user_profile($data) { + $view = new View("user_profile_comments.html"); + $view->comments = ORM::factory("comment") + ->order_by("created", "DESC") + ->where("state", "=", "published") + ->where("author_id", "=", $data->user->id) + ->find_all(); + if ($view->comments->count()) { + $data->content[] = (object)array("title" => t("Comments"), "view" => $view); + } + } } diff --git a/modules/comment/views/user_profile_comments.html.php b/modules/comment/views/user_profile_comments.html.php new file mode 100644 index 00000000..a2a641ba --- /dev/null +++ b/modules/comment/views/user_profile_comments.html.php @@ -0,0 +1,20 @@ + +
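Review bot: The query in `comment_event::show_user_profile` selects every published comment with this `author_id` and passes the result set to the view with no check that the viewer is allowed to see the items those comments belong to. The profile page is reachable by user id, so comment text written on restricted albums could be disclosed through it unless `user_profile_comments.html.php` filters per row, which is not visible on this page. I would filter in the helper, for example keeping a comment only when `access::can("view", $comment->item())` holds, and add a `->limit()` so a prolific author does not make the page unbounded.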
      + +
      diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 808531da..6159894d 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -31,25 +31,16 @@ class User_Profile_Controller extends Controller { // @todo modify user_home to supply a link to their album, // @todo add list of watches - // @todo add all comments // @todo add rest api key $v->content->user = $user; - $v->content->height = 250; $v->content->not_current = !$is_current_active; $v->content->editable = identity::is_writable() && $display_all; $v->content->return = SafeString::of(Input::instance()->get("return")); - $fields = array("name" => t("Name"), "locale" => t("Locale"), "email" => t("Email"), - "full_name" => t("Full name"), "url" => "Web site"); - if (!$display_all) { - $fields = array("name" => t("Name"), "full_name" => t("Full name"), "url" => "Web site"); - } - $v->content->fields = array(); - foreach ($fields as $field => $label) { - if (!empty($user->$field)) { - $v->content->fields[(string)$label->for_html()] = $user->$field; - } - } + $event_data = (object)array("user" => $user, "display_all" => $display_all, "content" => array()); + module::event("show_user_profile", $event_data); + Kohana_Log::add("error", Kohana::debug($event_data)); + $v->content->info_parts = $event_data->content; print $v; } diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 29940ac6..6b70513a 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php 
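Review bot: `Kohana_Log::add("error", Kohana::debug($event_data));` writes a full dump of `$event_data` to the log on every profile view, and that object carries the `$user` record plus every content block collected from the event handlers. Account fields (the e-mail address at least, and whatever else the user model holds) therefore end up in log files at error severity, where they are retained and read under different access rules than the database. The line looks like leftover debugging and should be removed; if a trace is wanted, log only the user id, e.g. `Kohana_Log::add("debug", "show_user_profile for user {$user->id}");`. The body of `show()` starts outside this hunk.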
@@ -377,4 +377,22 @@ class gallery_event_Core { } } } + + static function show_user_profile($data) { + $v = new View("user_profile_info.html"); + + $fields = array("name" => t("Name"), "locale" => t("Locale"), "email" => t("Email"), + "full_name" => t("Full name"), "url" => "Web site"); + if (!$data->display_all) { + $fields = array("name" => t("Name"), "full_name" => t("Full name"), "url" => "Web site"); + } + $v->fields = array(); + foreach ($fields as $field => $label) { + if (!empty($data->user->$field)) { + $v->fields[(string)$label->for_html()] = $data->user->$field; + } + } + $data->content[] = (object)array("title" => t("User information"), "view" => $v); + + } } diff --git a/modules/gallery/views/user_profile.html.php b/modules/gallery/views/user_profile.html.php index e7ce56b3..bcfa5346 100644 --- a/modules/gallery/views/user_profile.html.php +++ b/modules/gallery/views/user_profile.html.php @@ -1,9 +1,7 @@ - -
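Review bot: In both `$fields` arrays the `url` label is the plain string `"Web site"` while every other label is a `t()` result, and the loop then calls `$label->for_html()` on it. For any user with a non-empty `url` that is a method call on a string, which is a fatal error rather than a rendered row; the same arrays were in the controller before this refactor. Use `"url" => t("Web site")` in both arrays. Separately, `$v->fields` is filled with raw `$data->user->$field` values, so `user_profile_info.html.php` has to escape them on output.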
      -

      $user->display_name())) ?>

      +
      +

      + + " + alt="display_name()) ?>" + class="g-avatar" width="40" height="40" /> + + $user->display_name())) ?> +

      +
      - +
      - - $value): ?> - - - - - -
      + view ?>
      +
      guest && $not_current && !empty($user->email)): ?> + + $value): ?> + + + + + +
-- cgit v1.2.3
From c9ea1a64de16af16180c106a3012919150d3cf60 Mon Sep 17 00:00:00 2001
From: Tim Almdal
Date: Sun, 24 Jan 2010 15:40:56 -0800
Subject: Remove the one last remaining reference to "no_module_admin".
---
 modules/gallery/helpers/module.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'modules')
diff --git a/modules/gallery/helpers/module.php b/modules/gallery/helpers/module.php
index f680ff6a..95e426c4 100644
--- a/modules/gallery/helpers/module.php
+++ b/modules/gallery/helpers/module.php
@@ -98,7 +98,7 @@ class module_Core {
 $m->active = self::is_active($module_name);
 $m->code_version = $m->version;
 $m->version = self::get_version($module_name);
- $m->locked = !empty($m->no_module_admin);
+ $m->locked = false;
 }
 // Lock certain modules
-- cgit v1.2.3
From 26eb000637fb83c04919e1e18c67b1441db76da6 Mon Sep 17 00:00:00 2001
From: Tim Almdal
Date: Sun, 24 Jan 2010 15:49:02 -0800
Subject: add CSRF protection to the user profile send method.
---
 modules/gallery/controllers/user_profile.php | 1 +
 1 file changed, 1 insertion(+)
(limited to 'modules')
diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php
index 6159894d..3a7e0200 100644
--- a/modules/gallery/controllers/user_profile.php
+++ b/modules/gallery/controllers/user_profile.php
@@ -51,6 +51,7 @@ class User_Profile_Controller extends Controller {
 }
 public function send($id) {
+ access::verify_csrf();
 $user = identity::lookup_user($id);
 $form = user_profile::get_contact_form($user);
 if ($form->validate()) {
-- cgit v1.2.3
From 865995305cbd709db4f8587d73e7178a277a8d8b Mon Sep 17 00:00:00 2001
From: Tim Almdal Date: Sun, 24 Jan 2010 20:14:01 -0800 Subject: Add the active notifications and rest api key to user profile page. --- modules/gallery/controllers/user_profile.php | 3 --- modules/notification/helpers/notification_event.php | 21 +++++++++++++++++++++ .../views/user_profile_notification.html.php | 12 ++++++++++++ modules/rest/helpers/rest_event.php | 17 +++++++++++++++++ modules/rest/views/user_profile_rest.html.php | 8 ++++++++ 5 files changed, 58 insertions(+), 3 deletions(-) create mode 100644 modules/notification/views/user_profile_notification.html.php create mode 100644 modules/rest/views/user_profile_rest.html.php (limited to 'modules') diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 3a7e0200..53c76a48 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -30,8 +30,6 @@ class User_Profile_Controller extends Controller { $v->content = new View("user_profile.html"); // @todo modify user_home to supply a link to their album, - // @todo add list of watches - // @todo add rest api key $v->content->user = $user; $v->content->not_current = !$is_current_active; $v->content->editable = identity::is_writable() && $display_all; @@ -39,7 +37,6 @@ class User_Profile_Controller extends Controller { $event_data = (object)array("user" => $user, "display_all" => $display_all, "content" => array()); module::event("show_user_profile", $event_data); - Kohana_Log::add("error", Kohana::debug($event_data)); $v->content->info_parts = $event_data->content; print $v; diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php index edbf6e39..c8628ae4 100644 --- a/modules/notification/helpers/notification_event.php +++ b/modules/notification/helpers/notification_event.php 
@@ -126,4 +126,25 @@ class notification_event_Core { } } } + + static function show_user_profile($data) { + if ($data->display_all) { + $view = new View("user_profile_notification.html"); + $view->subscriptions = array(); + foreach(ORM::factory("subscription") + ->where("user_id", "=", $data->user->id) + ->find_all() as $subscription) { + $item = ORM::factory("item") + ->where("id", "=", $subscription->item_id) + ->find(); + if ($item->loaded()) { + $view->subscriptions[] = (object)array("id" => $subscription->id, "title" => $item->title, + "url" => $item->url()); + } + } + if (count($view->subscriptions) > 0) { + $data->content[] = (object)array("title" => t("Watching"), "view" => $view); + } + } + } } \ No newline at end of file diff --git a/modules/notification/views/user_profile_notification.html.php b/modules/notification/views/user_profile_notification.html.php new file mode 100644 index 00000000..8864f0c7 --- /dev/null +++ b/modules/notification/views/user_profile_notification.html.php @@ -0,0 +1,12 @@ + +
      diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index 860c8e41..f9aa34e3 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -74,4 +74,21 @@ class rest_event { ->class("g-form-static") ->label(t("Remote access key")); } + + static function show_user_profile($data) { + if ($data->display_all) { + $view = new View("user_profile_rest.html"); + $key = ORM::factory("user_access_token") + ->where("user_id", "=", $data->user->id) + ->find(); + + if (!$key->loaded()) { + $key->user_id = $data->user->id; + $key->access_key = md5($data->user->name . rand()); + $key->save(); + } + $view->rest_key = $key->access_key; + $data->content[] = (object)array("title" => t("Rest api"), "view" => $view); + } + } } diff --git a/modules/rest/views/user_profile_rest.html.php b/modules/rest/views/user_profile_rest.html.php new file mode 100644 index 00000000..3807817e --- /dev/null +++ b/modules/rest/views/user_profile_rest.html.php @@ -0,0 +1,8 @@ + +
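Review bot: The access key in rest_event::show_user_profile is built with `md5($data->user->name . rand())`, which is guessable: `rand()` is not a cryptographic generator and the user name is not secret, so the only unknown is the output of `rand()`. The surrounding form labels this value "Remote access key", so it appears to be the credential for REST access and should come from a CSPRNG, for example `$key->access_key = bin2hex(random_bytes(16));` (or `openssl_random_pseudo_bytes()` on PHP versions without `random_bytes()`). The key is also created and saved as a side effect of rendering the profile page; creating it in an explicit action would keep page views free of writes.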
      +
        +
      • +

        :

        +
      • +
      +
      -- cgit v1.2.3 From 445295a1ed8eb7dfc1caacfcb4211c312daaf257 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sun, 24 Jan 2010 22:08:59 -0800 Subject: Insure that if original() is called and no original has been created, then create it before returning. Fixes ticket #989. --- modules/gallery/libraries/MY_ORM.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'modules') diff --git a/modules/gallery/libraries/MY_ORM.php b/modules/gallery/libraries/MY_ORM.php index 56c776aa..198a430b 100644 --- a/modules/gallery/libraries/MY_ORM.php +++ b/modules/gallery/libraries/MY_ORM.php @@ -49,6 +49,9 @@ class ORM extends ORM_Core { } public function original() { + if (!isset($this->original)) { + $this->original = clone $this; + } return $this->original; } } -- cgit v1.2.3 From 6023f2bb46598f9da096d63f7ab1dfb914eab6f7 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Mon, 25 Jan 2010 08:10:28 -0800 Subject: Remove the return url and change the return button on the user profile page to use javascript to return to the previous page. --- modules/gallery/controllers/user_profile.php | 1 - modules/gallery/helpers/user_profile.php | 3 +-- modules/gallery/views/user_profile.html.php | 10 ++++++++-- 3 files changed, 9 insertions(+), 5 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 53c76a48..a0e6619e 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -33,7 +33,6 @@ class User_Profile_Controller extends Controller { $v->content->user = $user; $v->content->not_current = !$is_current_active; $v->content->editable = identity::is_writable() && $display_all; - $v->content->return = SafeString::of(Input::instance()->get("return")); $event_data = (object)array("user" => $user, "display_all" => $display_all, "content" => array()); module::event("show_user_profile", $event_data); 
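Review bot: In the MY_ORM.php hunk, `original()` now falls back to `clone $this` at the moment of the first call, so if fields were changed before that call the "original" silently contains the modified values. A caller that compares `original()` with the current state to detect changes would then see no difference. If the fallback is meant only for objects that were never loaded, a comment such as `// No snapshot was taken at load time; fall back to the current state.` would make that explicit; otherwise the snapshot belongs where the object is loaded, which is outside this hunk.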
diff --git a/modules/gallery/helpers/user_profile.php b/modules/gallery/helpers/user_profile.php index 018e1bd1..95a994bc 100644 --- a/modules/gallery/helpers/user_profile.php +++ b/modules/gallery/helpers/user_profile.php @@ -24,8 +24,7 @@ class user_profile_Core { * @return url for the profile display */ static function url($user_id) { - $return_url = urlencode(url::abs_current()); - return url::site("user_profile/show/{$user_id}?return=$return_url"); + return url::site("user_profile/show/{$user_id}"); } static function get_contact_form($user) { diff --git a/modules/gallery/views/user_profile.html.php b/modules/gallery/views/user_profile.html.php index bcfa5346..708b1613 100644 --- a/modules/gallery/views/user_profile.html.php +++ b/modules/gallery/views/user_profile.html.php @@ -21,8 +21,14 @@ border: none; padding: 0; } - + -- cgit v1.2.3 From f8b8103c24cb50612b061cb6a4787695b600735c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 25 Jan 2010 19:49:52 -0800 Subject: Make only one attempt to restore the old identity provider in case of failure. Else, we can get into an infinite recursion. --- modules/gallery/libraries/IdentityProvider.php | 34 +++++++++++++++++--------- 1 file changed, 22 insertions(+), 12 deletions(-) (limited to 'modules') diff --git a/modules/gallery/libraries/IdentityProvider.php b/modules/gallery/libraries/IdentityProvider.php index e07838d1..2ed85bd1 100644 --- a/modules/gallery/libraries/IdentityProvider.php +++ b/modules/gallery/libraries/IdentityProvider.php 
@@ -86,18 +86,28 @@ class IdentityProvider_Core { auth::login($provider->admin_user()); Session::instance()->regenerate(); } catch (Exception $e) { - // Make sure new provider is not in the database - module::uninstall($new_provider); - - // Lets reset to the current provider so that the gallery installation is still - // working. - module::set_var("gallery", "identity_provider", null); - IdentityProvider::change_provider($current_provider); - module::activate($current_provider); - message::error( - t("Error attempting to enable \"%new_provider\" identity provider, " . - "reverted to \"%old_provider\" identity provider", - array("new_provider" => $new_provider, "old_provider" => $current_provider))); + static $restore_already_running; + + // In case of error, make an attempt to restore the old provider. Since that's calling into + // this function again and can fail, we should be sure not to get into an infinite recursion. + if (!$restore_already_running) { + $restore_already_running = true; + + // Make sure new provider is not in the database + module::uninstall($new_provider); + + // Lets reset to the current provider so that the gallery installation is still + // working. + module::set_var("gallery", "identity_provider", null); + IdentityProvider::change_provider($current_provider); + module::activate($current_provider); + message::error( + t("Error attempting to enable \"%new_provider\" identity provider, " . + "reverted to \"%old_provider\" identity provider", + array("new_provider" => $new_provider, "old_provider" => $current_provider))); + + $restore_already_running = false; + } throw $e; } } -- cgit v1.2.3 From 119297e2adc3dfb452d2337f4b167b3e00c5b7e6 Mon Sep 17 00:00:00 2001 
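Review bot: If the restore path itself throws (for example the nested `IdentityProvider::change_provider($current_provider)` call fails), the exception leaves the catch block before `$restore_already_running = false;` and before `throw $e;`, so the caller sees the restore failure instead of the original cause and the flag stays set for the rest of the request. Wrapping the restore steps in their own try/catch that logs the secondary failure and then falls through to `throw $e;` would keep the original error and always reset the flag. The failed switch also leaves the session in whatever state `auth::login()` reached, so it is worth confirming that the restored provider re-establishes the admin session. change_provider's body starts outside this hunk.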
From: Andy Staudacher Date: Mon, 25 Jan 2010 23:05:41 -0800 Subject: Apply html::clean() to UI visible strings, and show language names instead of locale tags to be consistent with the user edit form. --- modules/gallery/helpers/gallery_event.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 6b70513a..b35ae3c4 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -381,18 +381,22 @@ class gallery_event_Core { static function show_user_profile($data) { $v = new View("user_profile_info.html"); - $fields = array("name" => t("Name"), "locale" => t("Locale"), "email" => t("Email"), - "full_name" => t("Full name"), "url" => "Web site"); + $fields = array("name" => t("Name"), "locale" => t("Language Preference"), + "email" => t("Email"), "full_name" => t("Full name"), "url" => "Web site"); if (!$data->display_all) { $fields = array("name" => t("Name"), "full_name" => t("Full name"), "url" => "Web site"); } $v->fields = array(); foreach ($fields as $field => $label) { if (!empty($data->user->$field)) { - $v->fields[(string)$label->for_html()] = $data->user->$field; + $value = $data->user->$field; + if ($field == "locale") { + $value = locales::display_name($value); + } + $v->fields[(string) $label] = html::clean($value); } } - $data->content[] = (object)array("title" => t("User information"), "view" => $v); + $data->content[] = (object) array("title" => t("User information"), "view" => $v); } } -- cgit v1.2.3 From accd00464e2d7e1d1fd0e24e1ee583a7baa73611 Mon Sep 17 00:00:00 2001 
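Review bot: In gallery_event::show_user_profile the field label is now stored as `(string) $label` where it used to be `$label->for_html()`, so escaping of translated labels depends entirely on the user_profile_info view, which this hunk does not show. The cast was presumably needed because `"url" => "Web site"` is a plain string rather than a `t()` result in both `$fields` arrays; writing `"url" => t("Web site")` would make it translatable and let the key stay `(string) $label->for_html()`. Whether the `url` value is later rendered as a link is not visible here; if it is, the template should also restrict it to http/https, since cleaning markup alone does not constrain the scheme.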
From: Tim Almdal Date: Tue, 26 Jan 2010 07:03:14 -0800 Subject: Add a maintenance task that will clear the expired files (older than 2 weeks) from var/logs and var/tmp. Fixes ticket #982 --- modules/gallery/helpers/gallery_task.php | 74 +++++++++++++++++++++++++++++++- 1 file changed, 73 insertions(+), 1 deletion(-) (limited to 'modules') diff --git a/modules/gallery/helpers/gallery_task.php b/modules/gallery/helpers/gallery_task.php index b3b79e06..5402b5d1 100644 --- a/modules/gallery/helpers/gallery_task.php +++ b/modules/gallery/helpers/gallery_task.php @@ -37,6 +37,11 @@ class gallery_task_Core { ->description(t("Download new and updated translated strings")) ->severity(log::SUCCESS); + $tasks[] = Task_Definition::factory() + ->callback("gallery_task::file_cleanup") + ->name(t("Remove old files")) + ->description(t("Remove files from the logs and tmp directory")) + ->severity(log::SUCCESS); return $tasks; } @@ -116,7 +121,7 @@ class gallery_task_Core { } } - static function update_l10n(&$task) { + static function update_l10n($task) { $errors = array(); try { $start = microtime(true); 
@@ -218,4 +223,71 @@ class gallery_task_Core { $task->log($errors); } } + + /** + * Task that removes old files from var/logs and var/tmp. + * @param Task_Model the task + */ + static function file_cleanup($task) { + $errors = array(); + try { + $start = microtime(true); + $data = Cache::instance()->get("file_cleanup_cache:{$task->id}"); + if ($data) { + $files = unserialize($data); + } + $i = 0; + + switch ($task->get("mode", "init")) { + case "init": // 0% + $threshold = time() - 1209600; // older than 2 weeks + foreach(array("logs", "tmp") as $dir) { + $dir = VARPATH . $dir; + if ($dh = opendir($dir)) { + while (($file = readdir($dh)) !== false) { + if ($file[0] == ".") { + continue; + } + + if (filemtime("$dir/$file") <= $threshold) { + $files[] = "$dir/$file"; + } + } + } + } + $task->set("mode", "delete_files"); + $task->set("current", 0); + $task->set("total", count($files)); + Cache::instance()->set("file_cleanup_cache:{$task->id}", serialize($files)); + if (count($files) == 0) { + break; + } + case "delete_files": + $current = $task->get("current"); + $total = $task->get("total"); + while ($current < $total && microtime(true) - $start < 1) { + @unlink($files[$current]); + $task->log(t("%file removed", array("file" => $files[$current++]))); + } + $task->percent_complete = $current / $total * 100; + $task->set("current", $current); + } + + $task->status = t("Removed: %count files. Total: %total_count.", + array("count" => $current, "total_count" => $total)); + + if ($total == $current) { + $task->done = true; + $task->state = "success"; + } + } catch (Exception $e) { + $task->done = true; + $task->state = "error"; + $task->status = $e->getMessage(); + $errors[] = $e->__toString(); + } + if ($errors) { + $task->log($errors); + } + } } \ No newline at end of file -- cgit v1.2.3
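Review bot: The delete loop in file_cleanup logs "%file removed" whatever `@unlink()` returned, so a failed delete (a subdirectory that the `readdir` scan picked up, a permission error) is recorded as a success. `$files` is also never initialised, so with an empty cache and nothing old enough to delete, `count($files)` runs on an undefined variable. The path list is read back from the cache with `unserialize()` and passed to `unlink()` without being re-checked; if anything else can write to the cache backend (not visible here), that is worth hardening with a plain encoding and a check that each path is still under `VARPATH`. The sketch below initialises the list, checks the unlink result and reports failures through `$errors`.

```php
      $files = $data ? unserialize($data) : array();
      // … unchanged: mode switch and the "init" scan of logs and tmp …
        while ($current < $total && microtime(true) - $start < 1) {
          $path = $files[$current++];
          // Only report success when the file is really gone.
          if (is_file($path) && @unlink($path)) {
            $task->log(t("%file removed", array("file" => $path)));
          } else {
            $errors[] = "Unable to remove $path";
          }
        }
      // … unchanged: progress update, status message and completion check …
```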