From 2572e5810f9d66fa39fa97838818a25bf4f393f3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 21 Jul 2009 07:29:14 -0700 Subject: Updated Kohana to r4468 --- system/libraries/Database.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/libraries/Database.php b/system/libraries/Database.php index 6267f63a..2039371c 100644 --- a/system/libraries/Database.php +++ b/system/libraries/Database.php @@ -2,7 +2,7 @@ /** * Provides database access in a platform agnostic way, using simple query building blocks. * - * $Id: Database.php 4342 2009-05-08 16:56:01Z jheathco $ + * $Id: Database.php 4438 2009-07-06 04:11:16Z kiall $ * * @package Core * @author Kohana Team @@ -1144,7 +1144,12 @@ class Database_Core { $query = $this->select('COUNT(*) AS '.$this->escape_column('records_found'))->get()->result(TRUE); - return (int) $query->current()->records_found; + $query = $query->current(); + + if ( ! $query) + return 0; + else + return (int) $query->records_found; } /** -- cgit v1.2.3 From 350c1b02670d971d3a389f786f46fb9be2dec8ed Mon Sep 17 00:00:00 2001 From: Romain LE DISEZ Date: Sun, 19 Jul 2009 00:49:47 +0200 Subject: Use BOOLEAN instead of integer to describe the permissions : - DENY = false - ALLOW = true - UNKNOW = null (for intent only) - INHERIT = null (for cache) Upgrade is not included for now. (cherry picked from commit 719c59e0402464a0e2b14915f6d10218ff5d4729) --- installer/install.sql | 32 ++++++++++++------------- modules/gallery/helpers/access.php | 31 +++++++++++++----------- modules/gallery/views/permissions_form.html.php | 2 +- modules/search/helpers/search.php | 2 +- system/libraries/drivers/Database.php | 4 ++-- 5 files changed, 37 insertions(+), 34 deletions(-) (limited to 'system') diff --git a/installer/install.sql b/installer/install.sql index bda576d1..b17b5888 100755 --- a/installer/install.sql +++ b/installer/install.sql @@ -4,12 +4,12 @@ DROP TABLE IF EXISTS {access_caches}; CREATE TABLE {access_caches} ( `id` int(9) NOT NULL auto_increment, `item_id` int(9) default NULL, - `view_full_1` smallint(6) NOT NULL default '0', - `edit_1` smallint(6) NOT NULL default '0', - `add_1` smallint(6) NOT NULL default '0', - `view_full_2` smallint(6) NOT NULL default '0', - `edit_2` smallint(6) NOT NULL default '0', - `add_2` smallint(6) NOT NULL default '0', + `view_full_1` binary(1) NOT NULL default false, + `edit_1` binary(1) NOT NULL default false, + `add_1` binary(1) NOT NULL default false, + `view_full_2` binary(1) NOT NULL default false, + `edit_2` binary(1) NOT NULL default false, + `add_2` binary(1) NOT NULL default false, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; @@ -20,14 +20,14 @@ DROP TABLE IF EXISTS {access_intents}; CREATE TABLE {access_intents} ( `id` int(9) NOT NULL auto_increment, `item_id` int(9) default NULL, - `view_1` tinyint(1) default NULL, - `view_full_1` tinyint(1) default NULL, - `edit_1` tinyint(1) default NULL, - `add_1` tinyint(1) default NULL, - `view_2` tinyint(1) default NULL, - `view_full_2` tinyint(1) default NULL, - `edit_2` tinyint(1) default NULL, - `add_2` tinyint(1) default NULL, + `view_1` binary(1) default NULL, + `view_full_1` binary(1) default NULL, + `edit_1` binary(1) default NULL, + `add_1` binary(1) default NULL, + `view_2` binary(1) default NULL, + `view_full_2` binary(1) default NULL, + `edit_2` binary(1) default NULL, + `add_2` binary(1) default NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; @@ -164,8 +164,8 @@ CREATE TABLE {items} ( `view_count` int(9) default '0', `weight` int(9) NOT NULL default '0', `width` int(9) default NULL, - `view_1` smallint(6) NOT NULL default '0', - `view_2` smallint(6) NOT NULL default '0', + `view_1` binary(1) default false, + `view_2` binary(1) default false, PRIMARY KEY (`id`), KEY `parent_id` (`parent_id`), KEY `type` (`type`), diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index 65316a8a..4130964d 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -66,9 +66,10 @@ * the Access_Intent_Model */ class access_Core { - const DENY = 0; - const ALLOW = 1; - const UNKNOWN = 2; + const DENY = false; + const ALLOW = true; + const INHERIT = null; // access_intent + const UNKNOWN = null; // cache (access_cache, items) /** * Does the active user have this permission on this item? @@ -141,7 +142,7 @@ class access_Core { * @param Group_Model $group * @param string $perm_name * @param Item_Model $item - * @return integer access::ALLOW, access::DENY or null for no intent + * @return boolean access::ALLOW, access::DENY or access::INHERIT (null) for no intent */ static function group_intent($group, $perm_name, $item) { $intent = model_cache::get("access_intent", $item->id, "item_id"); @@ -169,7 +170,7 @@ class access_Core { ->where("`right` >= $item->right") ->where("items.id <> $item->id") ->join("access_intents", "items.id", "access_intents.item_id") - ->where("access_intents.view_$group->id", 0) + ->where("access_intents.view_$group->id", access::DENY) ->orderby("level", "DESC") ->limit(1) ->find(); @@ -253,7 +254,7 @@ class access_Core { if ($item->id == 1) { throw new Exception("@todo CANT_RESET_ROOT_PERMISSION"); } - self::_set($group, $perm_name, $item, null); + self::_set($group, $perm_name, $item, access::INHERIT); } /** @@ -455,9 +456,10 @@ class access_Core { $db = Database::instance(); $field = "{$perm_name}_{$group->id}"; $cache_table = $perm_name == "view" ? "items" : "access_caches"; - $db->query("ALTER TABLE {{$cache_table}} ADD `$field` SMALLINT NOT NULL DEFAULT 0"); - $db->query("ALTER TABLE {access_intents} ADD `$field` BOOLEAN DEFAULT NULL"); - $db->update("access_intents", array($field => 0), array("item_id" => 1)); + $not_null = $cache_table == "items" ? "" : "NOT NULL"; + $db->query("ALTER TABLE {{$cache_table}} ADD `$field` BINARY $not_null DEFAULT FALSE"); + $db->query("ALTER TABLE {access_intents} ADD `$field` BINARY DEFAULT NULL"); + $db->update("access_intents", array($field => access::DENY), array("item_id" => 1)); model_cache::clear(); ORM::factory("access_intent")->clear_cache(); } @@ -513,7 +515,7 @@ class access_Core { ->where("left >=", $item->left) ->where("right <=", $item->right) ->where("type", "album") - ->where("access_intents.$field IS NOT", null) + ->where("access_intents.$field IS NOT", self::INHERIT) ->orderby("level", "DESC") ->find_all(); foreach ($query as $row) { @@ -557,12 +559,12 @@ class access_Core { // // @todo To optimize this, we wouldn't need to propagate from the parent, we could just // propagate from here with the parent's intent. - if ($access->$field === null) { + if ($access->$field === self::INHERIT) { $tmp_item = ORM::factory("item") ->join("access_intents", "items.id", "access_intents.item_id") ->where("left <", $item->left) ->where("right >", $item->right) - ->where("$field IS NOT", null) + ->where("$field IS NOT", self::UNKNOWN) ->orderby("left", "DESC") ->limit(1) ->find(); @@ -578,12 +580,13 @@ class access_Core { ->join("items", "items.id", "access_intents.item_id") ->where("left >=", $item->left) ->where("right <=", $item->right) - ->where("$field IS NOT", null) + ->where("$field IS NOT", self::INHERIT) ->orderby("level", "ASC") ->find_all(); foreach ($query as $row) { + $value = ($row->$field === access::ALLOW) ? "TRUE" : "FALSE"; $db->query( - "UPDATE {access_caches} SET `$field` = {$row->$field} " . + "UPDATE {access_caches} SET `$field` = $value " . "WHERE `item_id` IN " . " (SELECT `id` FROM {items} " . " WHERE `left` >= $row->left " . diff --git a/modules/gallery/views/permissions_form.html.php b/modules/gallery/views/permissions_form.html.php index 0f60070a..ee5e3a24 100644 --- a/modules/gallery/views/permissions_form.html.php +++ b/modules/gallery/views/permissions_form.html.php @@ -26,7 +26,7 @@ - + admin) { foreach (user::group_ids() as $id) { - $fields[] = "`view_$id` = " . access::ALLOW; + $fields[] = "`view_$id` = TRUE"; // access::ALLOW } $access_sql = "AND (" . join(" AND ", $fields) . ")"; } else { diff --git a/system/libraries/drivers/Database.php b/system/libraries/drivers/Database.php index 807469f6..27f6ea8e 100644 --- a/system/libraries/drivers/Database.php +++ b/system/libraries/drivers/Database.php @@ -120,7 +120,7 @@ abstract class Database_Driver { $key .= ' ='; } - $value = ($value == TRUE) ? ' 1' : ' 0'; + $value = ($value == TRUE) ? ' TRUE' : ' FALSE'; } else { @@ -310,7 +310,7 @@ abstract class Database_Driver { $value = '\''.$this->escape_str($value).'\''; break; case 'boolean': - $value = (int) $value; + $value = ($value == TRUE) ? 'TRUE' : 'FALSE'; break; case 'double': // Convert to non-locale aware float to prevent possible commas -- cgit v1.2.3 From 2282f9977eab2c32b5192506a124c9a3ccda7578 Mon Sep 17 00:00:00 2001 From: Romain LE DISEZ Date: Mon, 20 Jul 2009 10:51:07 +0200 Subject: Improve PgSQL compatibility in Kohana ( see http://dev.kohanaphp.com/issues/1855 ) (cherry picked from commit 8cbf43ed2abe9772045766e598bb9fe3d4def983) --- system/libraries/ORM.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/ORM.php b/system/libraries/ORM.php index c1048604..5196ba27 100644 --- a/system/libraries/ORM.php +++ b/system/libraries/ORM.php @@ -1295,7 +1295,9 @@ class ORM_Core { $value = (float) $value; break; case 'boolean': - $value = (bool) $value; + if ($value === "t") $value = true; // For PgSQL + else if ($value === "f") $value = false; // For PgSQL + else $value = (bool) $value; break; case 'string': $value = (string) $value; -- cgit v1.2.3 From c01ac42c4604b3b129e8089e0dc683ebd418b380 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 29 Aug 2009 12:48:40 -0700 Subject: Refactor all calls of p::clean() to SafeString::of() and p::purify() to SafeString::purify(). Removing any p::clean() calls for arguments to t() and t2() since their args are wrapped in a SafeString anyway. --- modules/comment/controllers/comments.php | 8 +++--- modules/comment/helpers/comment_rss.php | 8 +++--- .../views/admin_block_recent_comments.html.php | 6 ++--- modules/comment/views/admin_comments.html.php | 10 ++++---- modules/comment/views/comment.html.php | 6 ++--- modules/comment/views/comment.mrss.php | 12 ++++----- modules/comment/views/comments.html.php | 6 ++--- modules/digibug/controllers/digibug.php | 2 +- modules/exif/views/exif_dialog.html.php | 4 +-- modules/g2_import/helpers/g2_import.php | 2 +- .../controllers/admin_advanced_settings.php | 2 +- modules/gallery/controllers/movies.php | 2 +- modules/gallery/controllers/photos.php | 2 +- modules/gallery/controllers/quick.php | 10 ++++---- modules/gallery/helpers/gallery_rss.php | 4 +-- modules/gallery/helpers/gallery_task.php | 4 +-- modules/gallery/helpers/p.php | 29 ---------------------- .../gallery/views/admin_advanced_settings.html.php | 8 +++--- .../gallery/views/admin_block_log_entries.html.php | 2 +- .../views/admin_block_photo_stream.html.php | 4 +-- modules/gallery/views/admin_maintenance.html.php | 2 +- .../views/admin_maintenance_show_log.html.php | 2 +- modules/gallery/views/after_install.html.php | 2 +- modules/gallery/views/move_tree.html.php | 8 +++--- modules/gallery/views/permissions_browse.html.php | 4 +-- modules/gallery/views/permissions_form.html.php | 2 +- modules/gallery/views/simple_uploader.html.php | 6 ++--- modules/info/views/info_block.html.php | 10 ++++---- .../notification/views/comment_published.html.php | 12 ++++----- modules/notification/views/item_added.html.php | 8 +++--- modules/notification/views/item_deleted.html.php | 6 ++--- modules/notification/views/item_updated.html.php | 12 ++++----- modules/organize/controllers/organize.php | 10 ++++---- modules/organize/views/organize.html.php | 2 +- modules/organize/views/organize_album.html.php | 2 +- modules/rss/views/feed.mrss.php | 14 +++++------ modules/search/views/search.html.php | 10 ++++---- .../server_add/controllers/admin_server_add.php | 4 +-- modules/server_add/views/server_add_tree.html.php | 2 +- .../views/server_add_tree_dialog.html.php | 6 ++--- modules/tag/controllers/admin_tags.php | 8 +++--- modules/tag/helpers/tag_rss.php | 2 +- modules/tag/views/admin_tags.html.php | 2 +- modules/tag/views/tag_cloud.html.php | 2 +- modules/user/controllers/admin_users.php | 14 +++++------ modules/user/controllers/login.php | 4 +-- modules/user/controllers/logout.php | 4 +-- modules/user/controllers/password.php | 2 +- modules/user/views/admin_users.html.php | 8 +++--- modules/user/views/admin_users_group.html.php | 8 +++--- modules/user/views/login.html.php | 6 ++--- modules/user/views/reset_password.html.php | 2 +- system/helpers/request.php | 2 +- themes/default/views/album.html.php | 4 +-- themes/default/views/dynamic.html.php | 4 +-- themes/default/views/header.html.php | 4 +-- themes/default/views/movie.html.php | 4 +-- themes/default/views/page.html.php | 8 +++--- themes/default/views/photo.html.php | 4 +-- 59 files changed, 159 insertions(+), 188 deletions(-) delete mode 100644 modules/gallery/helpers/p.php (limited to 'system') diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 9fb4796e..87633f4c 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -39,9 +39,9 @@ class Comments_Controller extends REST_Controller { foreach ($comments as $comment) { $data[] = array( "id" => $comment->id, - "author_name" => p::clean($comment->author_name()), + "author_name" => SafeString::of($comment->author_name()), "created" => $comment->created, - "text" => nl2br(p::purify($comment->text))); + "text" => nl2br(SafeString::purify($comment->text))); } print json_encode($data); break; @@ -126,9 +126,9 @@ class Comments_Controller extends REST_Controller { array("result" => "success", "data" => array( "id" => $comment->id, - "author_name" => p::clean($comment->author_name()), + "author_name" => SafeString::of($comment->author_name()), "created" => $comment->created, - "text" => nl2br(p::purify($comment->text))))); + "text" => nl2br(SafeString::purify($comment->text))))); } else { $view = new Theme_View("comment.html", "fragment"); $view->comment = $comment; diff --git a/modules/comment/helpers/comment_rss.php b/modules/comment/helpers/comment_rss.php index ab3d2283..d0f15010 100644 --- a/modules/comment/helpers/comment_rss.php +++ b/modules/comment/helpers/comment_rss.php @@ -23,7 +23,7 @@ class comment_rss_Core { $feeds["comment/newest"] = t("All new comments"); if ($item) { $feeds["comment/item/$item->id"] = - t("Comments on %title", array("title" => p::purify($item->title))); + t("Comments on %title", array("title" => SafeString::purify($item->title))); } return $feeds; } @@ -53,13 +53,13 @@ class comment_rss_Core { $item = $comment->item(); $feed->children[] = new ArrayObject( array("pub_date" => date("D, d M Y H:i:s T", $comment->created), - "text" => nl2br(p::purify($comment->text)), + "text" => nl2br(SafeString::purify($comment->text)), "thumb_url" => $item->thumb_url(), "thumb_height" => $item->thumb_height, "thumb_width" => $item->thumb_width, "item_uri" => url::abs_site("{$item->type}s/$item->id"), - "title" => p::purify($item->title), - "author" => p::clean($comment->author_name())), + "title" => SafeString::purify($item->title), + "author" => SafeString::of($comment->author_name())), ArrayObject::ARRAY_AS_PROPS); } diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php index 516a8181..2c7a5cf1 100644 --- a/modules/comment/views/admin_block_recent_comments.html.php +++ b/modules/comment/views/admin_block_recent_comments.html.php @@ -4,13 +4,13 @@
  • "> " class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="32" height="32" /> created) ?> %author_name said %comment_text', - array("author_name" => p::clean($comment->author_name()), - "comment_text" => text::limit_words(nl2br(p::purify($comment->text)), 50))); ?> + array("author_name" => SafeString::of($comment->author_name()), + "comment_text" => text::limit_words(nl2br(SafeString::purify($comment->text)), 50))); ?>
    • diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php index 9fe7164b..b27e3166 100644 --- a/modules/comment/views/admin_comments.html.php +++ b/modules/comment/views/admin_comments.html.php @@ -108,12 +108,12 @@ " class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" /> -

    author_name()) ?>

    +

    author_name()) ?>

    @@ -122,7 +122,7 @@ has_thumb()): ?> <?= p::purify($item->title) ?>thumb_width, $item->thumb_height, 75) ?> /> @@ -132,7 +132,7 @@

    created) ?>

    - text)) ?> + text)) ?>