Date: Sun, 26 Jul 2009 16:02:53 -0600 Subject: Missed committing the gBanner addition to the view template. --- themes/default/views/header.html.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'themes/default/views') diff --git a/themes/default/views/header.html.php b/themes/default/views/header.html.php index c903edf5..2ba1e923 100644 --- a/themes/default/views/header.html.php +++ b/themes/default/views/header.html.php @@ -1,19 +1,19 @@ -header_top() ?> - - - -" title=""> -

" src="url("images/logo.png") ?>" /> - - - -

-site_menu() ?> +

+ header_top() ?> + + + + " title=""> +

" src="url("images/logo.png") ?>" /> + + +

+ site_menu() ?> +

+ header_bottom() ?>

-header_bottom() ?> -

Date: Mon, 27 Jul 2009 12:39:12 -0700 Subject: Allow a theme to override the page refresh mechanism. Create a new javascript lib (gallery.reload.js) which defines the functions gallery_reload() and gallery_location(new_location). They just do a window.location.reload() and window.location = new_location. This change breaks the assumption that all themes will handle page reloads the same and allows the theme to customize the page refresh. --- lib/gallery.dialog.js | 4 +- lib/gallery.panel.js | 4 +- lib/gallery.reload.js | 16 +++++ modules/gallery/js/quick.js | 4 +- modules/gallery/tests/xss_data.txt | 68 +++++++++++----------- .../views/admin_maintenance_show_log.html.php | 2 +- .../gallery/views/admin_maintenance_task.html.php | 2 +- modules/organize/js/organize.js | 2 +- .../views/server_add_tree_dialog.html.php | 2 +- modules/tag/js/tag.js | 2 +- themes/admin_default/views/admin.html.php | 2 + themes/default/views/page.html.php | 2 + 12 files changed, 66 insertions(+), 44 deletions(-) create mode 100644 lib/gallery.reload.js (limited to 'themes/default/views') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 74c2f20e..0efcf120 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -25,9 +25,9 @@ function ajaxify_dialog() { } if (data.result == "success") { if (data.location) { - window.location = data.location; + $.gallery_location(data.location); } else { - window.location.reload(); + $.gallery_reload(); } } } diff --git a/lib/gallery.panel.js b/lib/gallery.panel.js index 022e4878..26be11ad 100644 --- a/lib/gallery.panel.js +++ b/lib/gallery.panel.js @@ -40,9 +40,9 @@ function togglePanel(element, on_success) { if (on_success) { on_success(); } else if (data.location) { - window.location = data.location; + $.gallery_location(data.location); } else { - window.location.reload(); + $.gallery_reload(); } } } diff --git a/lib/gallery.reload.js b/lib/gallery.reload.js new file mode 100644 index 00000000..2c8752a0 --- /dev/null +++ b/lib/gallery.reload.js @@ -0,0 +1,16 @@ +/** + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ +(function ($) { + $.gallery_reload = function() { + window.location.reload(); + }; +})(jQuery); + +// Vertically align a block element's content +(function ($) { + $.gallery_location = function(location) { + window.location = location; + }; +})(jQuery); diff --git a/modules/gallery/js/quick.js b/modules/gallery/js/quick.js index fda6470f..4753808e 100644 --- a/modules/gallery/js/quick.js +++ b/modules/gallery/js/quick.js @@ -67,9 +67,9 @@ var quick_do = function(cont, pane, img) { img.css("margin-top", 0); } } else if (data.location) { - window.location = data.location; + $.gallery_location(data.location); } else if (data.reload) { - window.location.reload(); + $.gallery_reload(); } } }); diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 45f7c7ec..b1cb295b 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -498,24 +498,25 @@ themes/admin_default/views/admin.html.php 20 DIRTY $theme->s themes/admin_default/views/admin.html.php 21 DIRTY $theme->script("jquery.form.js") themes/admin_default/views/admin.html.php 22 DIRTY $theme->script("jquery-ui.js") themes/admin_default/views/admin.html.php 23 DIRTY $theme->script("gallery.common.js") -themes/admin_default/views/admin.html.php 28 DIRTY $theme->script("gallery.dialog.js") -themes/admin_default/views/admin.html.php 29 DIRTY $theme->script("superfish/js/superfish.js") -themes/admin_default/views/admin.html.php 30 DIRTY $theme->script("jquery.dropshadow.js") -themes/admin_default/views/admin.html.php 31 DIRTY $theme->script("ui.init.js") -themes/admin_default/views/admin.html.php 33 DIRTY $theme->admin_head() -themes/admin_default/views/admin.html.php 36 DIRTY $theme->body_attributes() -themes/admin_default/views/admin.html.php 37 DIRTY $theme->admin_page_top() -themes/admin_default/views/admin.html.php 43 DIRTY $theme->site_status() -themes/admin_default/views/admin.html.php 45 DIRTY $theme->admin_header_top() -themes/admin_default/views/admin.html.php 48 DIRTY $csrf -themes/admin_default/views/admin.html.php 54 DIRTY $theme->admin_menu() -themes/admin_default/views/admin.html.php 56 DIRTY $theme->admin_header_bottom() -themes/admin_default/views/admin.html.php 62 DIRTY $theme->messages() -themes/admin_default/views/admin.html.php 63 DIRTY $content -themes/admin_default/views/admin.html.php 69 DIRTY $sidebar -themes/admin_default/views/admin.html.php 74 DIRTY $theme->admin_footer() -themes/admin_default/views/admin.html.php 76 DIRTY $theme->admin_credits() -themes/admin_default/views/admin.html.php 80 DIRTY $theme->admin_page_bottom() +themes/admin_default/views/admin.html.php 25 DIRTY $theme->script("gallery.reload.js") +themes/admin_default/views/admin.html.php 30 DIRTY $theme->script("gallery.dialog.js") +themes/admin_default/views/admin.html.php 31 DIRTY $theme->script("superfish/js/superfish.js") +themes/admin_default/views/admin.html.php 32 DIRTY $theme->script("jquery.dropshadow.js") +themes/admin_default/views/admin.html.php 33 DIRTY $theme->script("ui.init.js") +themes/admin_default/views/admin.html.php 35 DIRTY $theme->admin_head() +themes/admin_default/views/admin.html.php 38 DIRTY $theme->body_attributes() +themes/admin_default/views/admin.html.php 39 DIRTY $theme->admin_page_top() +themes/admin_default/views/admin.html.php 45 DIRTY $theme->site_status() +themes/admin_default/views/admin.html.php 47 DIRTY $theme->admin_header_top() +themes/admin_default/views/admin.html.php 50 DIRTY $csrf +themes/admin_default/views/admin.html.php 56 DIRTY $theme->admin_menu() +themes/admin_default/views/admin.html.php 58 DIRTY $theme->admin_header_bottom() +themes/admin_default/views/admin.html.php 64 DIRTY $theme->messages() +themes/admin_default/views/admin.html.php 65 DIRTY $content +themes/admin_default/views/admin.html.php 71 DIRTY $sidebar +themes/admin_default/views/admin.html.php 76 DIRTY $theme->admin_footer() +themes/admin_default/views/admin.html.php 78 DIRTY $theme->admin_credits() +themes/admin_default/views/admin.html.php 82 DIRTY $theme->admin_page_bottom() themes/admin_default/views/block.html.php 2 DIRTY $id themes/admin_default/views/block.html.php 2 DIRTY $css_id themes/admin_default/views/block.html.php 5 DIRTY $id @@ -603,21 +604,22 @@ themes/default/views/page.html.php 48 DIRTY $theme->s themes/default/views/page.html.php 49 DIRTY $theme->script("jquery.form.js") themes/default/views/page.html.php 50 DIRTY $theme->script("jquery-ui.js") themes/default/views/page.html.php 51 DIRTY $theme->script("gallery.common.js") -themes/default/views/page.html.php 56 DIRTY $theme->script("gallery.dialog.js") -themes/default/views/page.html.php 57 DIRTY $theme->script("gallery.form.js") -themes/default/views/page.html.php 58 DIRTY $theme->script("superfish/js/superfish.js") -themes/default/views/page.html.php 59 DIRTY $theme->script("jquery.localscroll.js") -themes/default/views/page.html.php 60 DIRTY $theme->script("ui.init.js") -themes/default/views/page.html.php 64 DIRTY $theme->script("jquery.scrollTo.js") -themes/default/views/page.html.php 65 DIRTY $theme->script("gallery.show_full_size.js") -themes/default/views/page.html.php 67 DIRTY $theme->script("flowplayer.js") -themes/default/views/page.html.php 70 DIRTY $theme->head() -themes/default/views/page.html.php 73 DIRTY $theme->body_attributes() -themes/default/views/page.html.php 74 DIRTY $theme->page_top() -themes/default/views/page.html.php 76 DIRTY $theme->site_status() -themes/default/views/page.html.php 84 DIRTY $theme->messages() -themes/default/views/page.html.php 85 DIRTY $content -themes/default/views/page.html.php 99 DIRTY $theme->page_bottom() +themes/default/views/page.html.php 53 DIRTY $theme->script("gallery.reload.js") +themes/default/views/page.html.php 58 DIRTY $theme->script("gallery.dialog.js") +themes/default/views/page.html.php 59 DIRTY $theme->script("gallery.form.js") +themes/default/views/page.html.php 60 DIRTY $theme->script("superfish/js/superfish.js") +themes/default/views/page.html.php 61 DIRTY $theme->script("jquery.localscroll.js") +themes/default/views/page.html.php 62 DIRTY $theme->script("ui.init.js") +themes/default/views/page.html.php 66 DIRTY $theme->script("jquery.scrollTo.js") +themes/default/views/page.html.php 67 DIRTY $theme->script("gallery.show_full_size.js") +themes/default/views/page.html.php 69 DIRTY $theme->script("flowplayer.js") +themes/default/views/page.html.php 72 DIRTY $theme->head() +themes/default/views/page.html.php 75 DIRTY $theme->body_attributes() +themes/default/views/page.html.php 76 DIRTY $theme->page_top() +themes/default/views/page.html.php 78 DIRTY $theme->site_status() +themes/default/views/page.html.php 86 DIRTY $theme->messages() +themes/default/views/page.html.php 87 DIRTY $content +themes/default/views/page.html.php 101 DIRTY $theme->page_bottom() themes/default/views/pager.html.php 13 DIRTY $url themes/default/views/pager.html.php 20 DIRTY $previous_page themes/default/views/pager.html.php 20 DIRTY $url diff --git a/modules/gallery/views/admin_maintenance_show_log.html.php b/modules/gallery/views/admin_maintenance_show_log.html.php index 9d850986..ac593de7 100644 --- a/modules/gallery/views/admin_maintenance_show_log.html.php +++ b/modules/gallery/views/admin_maintenance_show_log.html.php @@ -1,7 +1,7 @@

diff --git a/modules/organize/js/organize.js b/modules/organize/js/organize.js index f10cbcc9..12d8a5b5 100644 --- a/modules/organize/js/organize.js +++ b/modules/organize/js/organize.js @@ -374,7 +374,7 @@ function organize_dialog_init() { } $("#gDialog").bind("organize_close", function(target) { - document.location.reload(); + $.gallery_reload(); }); heightMicroThumbPanel -= 2 * parseFloat($("#gDialog").css("padding-top")); diff --git a/modules/server_add/views/server_add_tree_dialog.html.php b/modules/server_add/views/server_add_tree_dialog.html.php index 21952849..8dfd2c38 100644 --- a/modules/server_add/views/server_add_tree_dialog.html.php +++ b/modules/server_add/views/server_add_tree_dialog.html.php @@ -34,7 +34,7 @@ - diff --git a/modules/tag/js/tag.js b/modules/tag/js/tag.js index bbf44166..22a1a7a3 100644 --- a/modules/tag/js/tag.js +++ b/modules/tag/js/tag.js @@ -59,7 +59,7 @@ function editInPlace(element) { closeEditInPlaceForms(); // close form $("#gTag-" + data.tag_id).text(data.new_tagname); // update tagname console.log(data); - window.location.reload(); + $.gallery_reload(); } } }); diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php index d27f9260..63fc45b5 100644 --- a/themes/admin_default/views/admin.html.php +++ b/themes/admin_default/views/admin.html.php @@ -21,6 +21,8 @@ script("jquery.form.js") ?> script("jquery-ui.js") ?> script("gallery.common.js") ?> + + script("gallery.reload.js") ?> photo_bottom() ?> + context_menu($item) ?>

diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php index bf4d9da3..cf8bebdd 100644 --- a/themes/default/views/photo.html.php +++ b/themes/default/views/photo.html.php @@ -47,6 +47,7 @@ resize_bottom($item) ?> + context_menu($item) ?>

-- cgit v1.2.3 From 9f396178cedc96abb282e72ff0e843e255c8225a Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 5 Aug 2009 09:24:27 -0700 Subject: Revert "Allow a theme to override the page refresh mechanism. Create a new" This reverts commit 1f014aae6c16bbda62d8f5937180f11ccb0eb1b1. --- lib/gallery.dialog.js | 4 +- lib/gallery.panel.js | 4 +- lib/gallery.reload.js | 16 ----- modules/gallery/js/quick.js | 4 +- modules/gallery/tests/xss_data.txt | 68 +++++++++++----------- .../views/admin_maintenance_show_log.html.php | 2 +- .../gallery/views/admin_maintenance_task.html.php | 2 +- modules/organize/js/organize.js | 2 +- .../views/server_add_tree_dialog.html.php | 2 +- modules/tag/js/tag.js | 2 +- themes/admin_default/views/admin.html.php | 2 - themes/default/views/page.html.php | 2 - 12 files changed, 44 insertions(+), 66 deletions(-) delete mode 100644 lib/gallery.reload.js (limited to 'themes/default/views') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 0efcf120..74c2f20e 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -25,9 +25,9 @@ function ajaxify_dialog() { } if (data.result == "success") { if (data.location) { - $.gallery_location(data.location); + window.location = data.location; } else { - $.gallery_reload(); + window.location.reload(); } } } diff --git a/lib/gallery.panel.js b/lib/gallery.panel.js index 26be11ad..022e4878 100644 --- a/lib/gallery.panel.js +++ b/lib/gallery.panel.js @@ -40,9 +40,9 @@ function togglePanel(element, on_success) { if (on_success) { on_success(); } else if (data.location) { - $.gallery_location(data.location); + window.location = data.location; } else { - $.gallery_reload(); + window.location.reload(); } } } diff --git a/lib/gallery.reload.js b/lib/gallery.reload.js deleted file mode 100644 index 2c8752a0..00000000 --- a/lib/gallery.reload.js +++ /dev/null @@ -1,16 +0,0 @@ -/** - * To change this template, choose Tools | Templates - * and open the template in the editor. - */ -(function ($) { - $.gallery_reload = function() { - window.location.reload(); - }; -})(jQuery); - -// Vertically align a block element's content -(function ($) { - $.gallery_location = function(location) { - window.location = location; - }; -})(jQuery); diff --git a/modules/gallery/js/quick.js b/modules/gallery/js/quick.js index 4753808e..fda6470f 100644 --- a/modules/gallery/js/quick.js +++ b/modules/gallery/js/quick.js @@ -67,9 +67,9 @@ var quick_do = function(cont, pane, img) { img.css("margin-top", 0); } } else if (data.location) { - $.gallery_location(data.location); + window.location = data.location; } else if (data.reload) { - $.gallery_reload(); + window.location.reload(); } } }); diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 29d223b7..0e118ce7 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -496,25 +496,24 @@ themes/admin_default/views/admin.html.php 20 DIRTY $theme->s themes/admin_default/views/admin.html.php 21 DIRTY $theme->script("jquery.form.js") themes/admin_default/views/admin.html.php 22 DIRTY $theme->script("jquery-ui.js") themes/admin_default/views/admin.html.php 23 DIRTY $theme->script("gallery.common.js") -themes/admin_default/views/admin.html.php 25 DIRTY $theme->script("gallery.reload.js") -themes/admin_default/views/admin.html.php 30 DIRTY $theme->script("gallery.dialog.js") -themes/admin_default/views/admin.html.php 31 DIRTY $theme->script("superfish/js/superfish.js") -themes/admin_default/views/admin.html.php 32 DIRTY $theme->script("jquery.dropshadow.js") -themes/admin_default/views/admin.html.php 33 DIRTY $theme->script("ui.init.js") -themes/admin_default/views/admin.html.php 35 DIRTY $theme->admin_head() -themes/admin_default/views/admin.html.php 38 DIRTY $theme->body_attributes() -themes/admin_default/views/admin.html.php 39 DIRTY $theme->admin_page_top() -themes/admin_default/views/admin.html.php 45 DIRTY $theme->site_status() -themes/admin_default/views/admin.html.php 47 DIRTY $theme->admin_header_top() -themes/admin_default/views/admin.html.php 50 DIRTY $csrf -themes/admin_default/views/admin.html.php 56 DIRTY $theme->admin_menu() -themes/admin_default/views/admin.html.php 58 DIRTY $theme->admin_header_bottom() -themes/admin_default/views/admin.html.php 64 DIRTY $theme->messages() -themes/admin_default/views/admin.html.php 65 DIRTY $content -themes/admin_default/views/admin.html.php 71 DIRTY $sidebar -themes/admin_default/views/admin.html.php 76 DIRTY $theme->admin_footer() -themes/admin_default/views/admin.html.php 78 DIRTY $theme->admin_credits() -themes/admin_default/views/admin.html.php 82 DIRTY $theme->admin_page_bottom() +themes/admin_default/views/admin.html.php 28 DIRTY $theme->script("gallery.dialog.js") +themes/admin_default/views/admin.html.php 29 DIRTY $theme->script("superfish/js/superfish.js") +themes/admin_default/views/admin.html.php 30 DIRTY $theme->script("jquery.dropshadow.js") +themes/admin_default/views/admin.html.php 31 DIRTY $theme->script("ui.init.js") +themes/admin_default/views/admin.html.php 33 DIRTY $theme->admin_head() +themes/admin_default/views/admin.html.php 36 DIRTY $theme->body_attributes() +themes/admin_default/views/admin.html.php 37 DIRTY $theme->admin_page_top() +themes/admin_default/views/admin.html.php 43 DIRTY $theme->site_status() +themes/admin_default/views/admin.html.php 45 DIRTY $theme->admin_header_top() +themes/admin_default/views/admin.html.php 48 DIRTY $csrf +themes/admin_default/views/admin.html.php 54 DIRTY $theme->admin_menu() +themes/admin_default/views/admin.html.php 56 DIRTY $theme->admin_header_bottom() +themes/admin_default/views/admin.html.php 62 DIRTY $theme->messages() +themes/admin_default/views/admin.html.php 63 DIRTY $content +themes/admin_default/views/admin.html.php 69 DIRTY $sidebar +themes/admin_default/views/admin.html.php 74 DIRTY $theme->admin_footer() +themes/admin_default/views/admin.html.php 76 DIRTY $theme->admin_credits() +themes/admin_default/views/admin.html.php 80 DIRTY $theme->admin_page_bottom() themes/admin_default/views/block.html.php 2 DIRTY $id themes/admin_default/views/block.html.php 2 DIRTY $css_id themes/admin_default/views/block.html.php 5 DIRTY $id @@ -602,22 +601,21 @@ themes/default/views/page.html.php 48 DIRTY $theme->s themes/default/views/page.html.php 49 DIRTY $theme->script("jquery.form.js") themes/default/views/page.html.php 50 DIRTY $theme->script("jquery-ui.js") themes/default/views/page.html.php 51 DIRTY $theme->script("gallery.common.js") -themes/default/views/page.html.php 53 DIRTY $theme->script("gallery.reload.js") -themes/default/views/page.html.php 58 DIRTY $theme->script("gallery.dialog.js") -themes/default/views/page.html.php 59 DIRTY $theme->script("gallery.form.js") -themes/default/views/page.html.php 60 DIRTY $theme->script("superfish/js/superfish.js") -themes/default/views/page.html.php 61 DIRTY $theme->script("jquery.localscroll.js") -themes/default/views/page.html.php 62 DIRTY $theme->script("ui.init.js") -themes/default/views/page.html.php 66 DIRTY $theme->script("jquery.scrollTo.js") -themes/default/views/page.html.php 67 DIRTY $theme->script("gallery.show_full_size.js") -themes/default/views/page.html.php 69 DIRTY $theme->script("flowplayer.js") -themes/default/views/page.html.php 72 DIRTY $theme->head() -themes/default/views/page.html.php 75 DIRTY $theme->body_attributes() -themes/default/views/page.html.php 76 DIRTY $theme->page_top() -themes/default/views/page.html.php 78 DIRTY $theme->site_status() -themes/default/views/page.html.php 86 DIRTY $theme->messages() -themes/default/views/page.html.php 87 DIRTY $content -themes/default/views/page.html.php 101 DIRTY $theme->page_bottom() +themes/default/views/page.html.php 56 DIRTY $theme->script("gallery.dialog.js") +themes/default/views/page.html.php 57 DIRTY $theme->script("gallery.form.js") +themes/default/views/page.html.php 58 DIRTY $theme->script("superfish/js/superfish.js") +themes/default/views/page.html.php 59 DIRTY $theme->script("jquery.localscroll.js") +themes/default/views/page.html.php 60 DIRTY $theme->script("ui.init.js") +themes/default/views/page.html.php 64 DIRTY $theme->script("jquery.scrollTo.js") +themes/default/views/page.html.php 65 DIRTY $theme->script("gallery.show_full_size.js") +themes/default/views/page.html.php 67 DIRTY $theme->script("flowplayer.js") +themes/default/views/page.html.php 70 DIRTY $theme->head() +themes/default/views/page.html.php 73 DIRTY $theme->body_attributes() +themes/default/views/page.html.php 74 DIRTY $theme->page_top() +themes/default/views/page.html.php 76 DIRTY $theme->site_status() +themes/default/views/page.html.php 84 DIRTY $theme->messages() +themes/default/views/page.html.php 85 DIRTY $content +themes/default/views/page.html.php 99 DIRTY $theme->page_bottom() themes/default/views/pager.html.php 13 DIRTY $url themes/default/views/pager.html.php 20 DIRTY $previous_page themes/default/views/pager.html.php 20 DIRTY $url diff --git a/modules/gallery/views/admin_maintenance_show_log.html.php b/modules/gallery/views/admin_maintenance_show_log.html.php index ac593de7..9d850986 100644 --- a/modules/gallery/views/admin_maintenance_show_log.html.php +++ b/modules/gallery/views/admin_maintenance_show_log.html.php @@ -1,7 +1,7 @@

diff --git a/modules/organize/js/organize.js b/modules/organize/js/organize.js index 12d8a5b5..f10cbcc9 100644 --- a/modules/organize/js/organize.js +++ b/modules/organize/js/organize.js @@ -374,7 +374,7 @@ function organize_dialog_init() { } $("#gDialog").bind("organize_close", function(target) { - $.gallery_reload(); + document.location.reload(); }); heightMicroThumbPanel -= 2 * parseFloat($("#gDialog").css("padding-top")); diff --git a/modules/server_add/views/server_add_tree_dialog.html.php b/modules/server_add/views/server_add_tree_dialog.html.php index 8dfd2c38..21952849 100644 --- a/modules/server_add/views/server_add_tree_dialog.html.php +++ b/modules/server_add/views/server_add_tree_dialog.html.php @@ -34,7 +34,7 @@ - diff --git a/modules/tag/js/tag.js b/modules/tag/js/tag.js index 564de393..765c2a35 100644 --- a/modules/tag/js/tag.js +++ b/modules/tag/js/tag.js @@ -59,7 +59,7 @@ function editInPlace(element) { closeEditInPlaceForms(); // close form $("#gTag-" + data.tag_id).text(data.new_tagname); // update tagname console.log(data); - $.gallery_reload(); + window.location.reload(); } } }); diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php index 63fc45b5..d27f9260 100644 --- a/themes/admin_default/views/admin.html.php +++ b/themes/admin_default/views/admin.html.php @@ -21,8 +21,6 @@ script("jquery.form.js") ?> script("jquery-ui.js") ?> script("gallery.common.js") ?> - - script("gallery.reload.js") ?> + script("gallery.ajax.js") ?> script("gallery.dialog.js") ?> script("superfish/js/superfish.js") ?> script("jquery.dropshadow.js") ?> diff --git a/themes/default/js/ui.init.js b/themes/default/js/ui.init.js index 3726d305..60482972 100644 --- a/themes/default/js/ui.init.js +++ b/themes/default/js/ui.init.js @@ -34,6 +34,7 @@ $(document).ready(function() { // Initialize dialogs $("#gLoginLink").addClass("gDialogLink"); $(".gDialogLink").gallery_dialog(); + $(".gAjaxLink").gallery_ajax(); // Initialize view menu if ($("#gViewMenu").length) { @@ -100,8 +101,8 @@ $(document).ready(function() { $(".gContextMenu").hover( function() { $(this).find("ul").slideDown("fast"); - var dialogLinks = $(this).find(".gDialogLink"); - $(dialogLinks).gallery_dialog(); + $(this).find(".gDialogLink").gallery_dialog(); + $(this).find(".gAjaxLink").gallery_ajax(); }, function() { $(this).find("ul").slideUp("slow"); @@ -128,8 +129,8 @@ $(document).ready(function() { $(".gContextMenu").hover( function() { $(this).find("ul").slideDown("fast"); - var dialogLinks = $(this).find(".gDialogLink"); - $(dialogLinks).gallery_dialog(); + $(this).find(".gDialogLink").gallery_dialog(); + $(this).find(".gAjaxLink").gallery_ajax(); }, function() { $(this).find("ul").slideUp("slow"); diff --git a/themes/default/views/album.html.php b/themes/default/views/album.html.php index ce57458e..e2890482 100644 --- a/themes/default/views/album.html.php +++ b/themes/default/views/album.html.php @@ -19,7 +19,7 @@ thumb_img(array("class" => "gThumbnail")) ?> thumb_bottom($child) ?> - context_menu($child) ?> + context_menu($child, "#gItemId-{$child->id} .gThumbnail") ?>

title) ?>

thumb_info($child) ?> diff --git a/themes/default/views/movie.html.php b/themes/default/views/movie.html.php index d255922b..c8ecd769 100644 --- a/themes/default/views/movie.html.php +++ b/themes/default/views/movie.html.php @@ -36,5 +36,5 @@ var ADD_A_COMMENT = ""; photo_bottom() ?> - context_menu($item) ?> + context_menu($item, "#gMovieId-{$item->id}") ?>

diff --git a/themes/default/views/page.html.php b/themes/default/views/page.html.php index 66282bae..2cb71b9e 100644 --- a/themes/default/views/page.html.php +++ b/themes/default/views/page.html.php @@ -53,6 +53,7 @@ + script("gallery.ajax.js") ?> script("gallery.dialog.js") ?> script("gallery.form.js") ?> script("superfish/js/superfish.js") ?> diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php index 453417dc..fa5def47 100644 --- a/themes/default/views/photo.html.php +++ b/themes/default/views/photo.html.php @@ -47,7 +47,7 @@ resize_bottom($item) ?> - context_menu($item) ?> + context_menu($item, "#gPhotoId-{$item->id}") ?>

-- cgit v1.2.3 From 1d5262f9c354a8564f05a8a31b915ad479f4d361 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 28 Aug 2009 13:44:01 -0700 Subject: Fix ticket #591: reCaptcha always on the page. 1) move creating the "Add a comment" button into the comments.html.php 2) use $.get() to retrieve the comment add form --- modules/comment/helpers/comment_theme.php | 2 -- modules/comment/js/comment.js | 10 +++++++++- modules/comment/views/comments.html.php | 10 ++++++++-- themes/default/css/screen.css | 7 +++++++ themes/default/js/ui.init.js | 12 ------------ themes/default/views/movie.html.php | 3 --- themes/default/views/photo.html.php | 3 --- 7 files changed, 24 insertions(+), 23 deletions(-) (limited to 'themes/default/views') diff --git a/modules/comment/helpers/comment_theme.php b/modules/comment/helpers/comment_theme.php index b807e2cf..38a00b5c 100644 --- a/modules/comment/helpers/comment_theme.php +++ b/modules/comment/helpers/comment_theme.php @@ -26,7 +26,6 @@ class comment_theme_Core { static function photo_bottom($theme) { $block = new Block; $block->css_id = "gComments"; - $block->anchor = t("comments"); $block->title = t("Comments"); $view = new View("comments.html"); @@ -37,7 +36,6 @@ class comment_theme_Core { ->find_all(); $block->content = $view; - $block->content .= comment::get_add_form($theme->item())->render("form.html"); return $block; } } \ No newline at end of file diff --git a/modules/comment/js/comment.js b/modules/comment/js/comment.js index 00fc6027..9fd63c1a 100644 --- a/modules/comment/js/comment.js +++ b/modules/comment/js/comment.js @@ -1,5 +1,13 @@ $("document").ready(function() { - ajaxify_comment_form(); + $("#gAddCommentButton").click(function(event) { + event.preventDefault(); + $.get($(this).attr("href"), + {}, + function(data) { + $("#gCommentDetail").append(data); + ajaxify_comment_form(); + }); + }); }); function ajaxify_comment_form() { diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php index f7251389..6dce9971 100644 --- a/modules/comment/views/comments.html.php +++ b/modules/comment/views/comments.html.php @@ -1,11 +1,17 @@ + id})") ?>" id="gAddCommentButton" + class="gButtonLink ui-corner-all ui-icon-left ui-state-default right"> + + + +

count()): ?>

comment!", array("attrs" => "href=\"#add_comment_form\" class=\"showCommentForm\"")) ?>

@@ -26,4 +32,4 @@

diff --git a/themes/default/css/screen.css b/themes/default/css/screen.css index ecae2bb2..481581a2 100644 --- a/themes/default/css/screen.css +++ b/themes/default/css/screen.css @@ -530,6 +530,7 @@ form .gError, #gContent #gComments { margin-top: 2em; + position: relative; } #gContent #gComments ul li { @@ -561,6 +562,12 @@ form .gError, width: 32px; } +#gAddCommentButton { + position: absolute; + right: 0; + top: 2px; +} + #gContent #gAddCommentForm { margin-top: 2em; } diff --git a/themes/default/js/ui.init.js b/themes/default/js/ui.init.js index 2391f638..67cdb968 100644 --- a/themes/default/js/ui.init.js +++ b/themes/default/js/ui.init.js @@ -110,18 +110,6 @@ $(document).ready(function() { $(this).gallery_context_menu(); }); - // Collapse comments form, insert button to expand - if ($("#gAddCommentForm").length) { - var showCommentForm = '' - + '' + ADD_A_COMMENT + ''; - $("#gAddCommentForm").hide(); - $("#gComments").prepend(showCommentForm); - $(".showCommentForm").click(function(){ - $("#gAddCommentForm").show(1000); - }); - } - // Add scroll effect for links to named anchors $.localScroll({ queue: true, diff --git a/themes/default/views/movie.html.php b/themes/default/views/movie.html.php index c8ecd769..29789f8e 100644 --- a/themes/default/views/movie.html.php +++ b/themes/default/views/movie.html.php @@ -32,9 +32,6 @@

description)) ?>

- photo_bottom() ?> context_menu($item, "#gMovieId-{$item->id}") ?> diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php index fa5def47..39e61ef6 100644 --- a/themes/default/views/photo.html.php +++ b/themes/default/views/photo.html.php @@ -55,8 +55,5 @@

description)) ?>

- photo_bottom() ?> -- cgit v1.2.3 From a2e2a2178b1b84a9895fdddd020c5ec8dddf89c5 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 29 Aug 2009 10:40:34 -0700 Subject: Using SafeString in album controller / view --- modules/gallery/controllers/albums.php | 6 +++--- themes/default/views/album.html.php | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'themes/default/views') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index cdfa823d..ec3eb426 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -112,7 +112,7 @@ class Albums_Controller extends Items_Controller { log::success("content", "Created an album", html::anchor("albums/$new_album->id", "view album")); message::success( - t("Created album %album_title", array("album_title" => p::clean($new_album->title)))); + t("Created album %album_title", array("album_title" => $new_album->title))); print json_encode( array("result" => "success", @@ -145,7 +145,7 @@ class Albums_Controller extends Items_Controller { log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo")); message::success( - t("Added photo %photo_title", array("photo_title" => p::clean($photo->title)))); + t("Added photo %photo_title", array("photo_title" => $photo->title))); print json_encode( array("result" => "success", @@ -194,7 +194,7 @@ class Albums_Controller extends Items_Controller { log::success("content", "Updated album", "id\">view"); message::success( - t("Saved album %album_title", array("album_title" => p::clean($album->title)))); + t("Saved album %album_title", array("album_title" => $album->title))); print json_encode( array("result" => "success", diff --git a/themes/default/views/album.html.php b/themes/default/views/album.html.php index 65ea3381..c2f95731 100644 --- a/themes/default/views/album.html.php +++ b/themes/default/views/album.html.php @@ -2,8 +2,8 @@

album_top() ?> -

title) ?>

description)) ?>

title)->purified_html() ?>

description)->purified_html()) ?>

title) ?>

thumb_info($child) ?>

Date: Sat, 29 Aug 2009 12:48:40 -0700 Subject: Refactor all calls of p::clean() to SafeString::of() and p::purify() to SafeString::purify(). Removing any p::clean() calls for arguments to t() and t2() since their args are wrapped in a SafeString anyway. --- modules/comment/controllers/comments.php | 8 +++--- modules/comment/helpers/comment_rss.php | 8 +++--- .../views/admin_block_recent_comments.html.php | 6 ++--- modules/comment/views/admin_comments.html.php | 10 ++++---- modules/comment/views/comment.html.php | 6 ++--- modules/comment/views/comment.mrss.php | 12 ++++----- modules/comment/views/comments.html.php | 6 ++--- modules/digibug/controllers/digibug.php | 2 +- modules/exif/views/exif_dialog.html.php | 4 +-- modules/g2_import/helpers/g2_import.php | 2 +- .../controllers/admin_advanced_settings.php | 2 +- modules/gallery/controllers/movies.php | 2 +- modules/gallery/controllers/photos.php | 2 +- modules/gallery/controllers/quick.php | 10 ++++---- modules/gallery/helpers/gallery_rss.php | 4 +-- modules/gallery/helpers/gallery_task.php | 4 +-- modules/gallery/helpers/p.php | 29 ---------------------- .../gallery/views/admin_advanced_settings.html.php | 8 +++--- .../gallery/views/admin_block_log_entries.html.php | 2 +- .../views/admin_block_photo_stream.html.php | 4 +-- modules/gallery/views/admin_maintenance.html.php | 2 +- .../views/admin_maintenance_show_log.html.php | 2 +- modules/gallery/views/after_install.html.php | 2 +- modules/gallery/views/move_tree.html.php | 8 +++--- modules/gallery/views/permissions_browse.html.php | 4 +-- modules/gallery/views/permissions_form.html.php | 2 +- modules/gallery/views/simple_uploader.html.php | 6 ++--- modules/info/views/info_block.html.php | 10 ++++---- .../notification/views/comment_published.html.php | 12 ++++----- modules/notification/views/item_added.html.php | 8 +++--- modules/notification/views/item_deleted.html.php | 6 ++--- modules/notification/views/item_updated.html.php | 12 ++++----- modules/organize/controllers/organize.php | 10 ++++---- modules/organize/views/organize.html.php | 2 +- modules/organize/views/organize_album.html.php | 2 +- modules/rss/views/feed.mrss.php | 14 +++++------ modules/search/views/search.html.php | 10 ++++---- .../server_add/controllers/admin_server_add.php | 4 +-- modules/server_add/views/server_add_tree.html.php | 2 +- .../views/server_add_tree_dialog.html.php | 6 ++--- modules/tag/controllers/admin_tags.php | 8 +++--- modules/tag/helpers/tag_rss.php | 2 +- modules/tag/views/admin_tags.html.php | 2 +- modules/tag/views/tag_cloud.html.php | 2 +- modules/user/controllers/admin_users.php | 14 +++++------ modules/user/controllers/login.php | 4 +-- modules/user/controllers/logout.php | 4 +-- modules/user/controllers/password.php | 2 +- modules/user/views/admin_users.html.php | 8 +++--- modules/user/views/admin_users_group.html.php | 8 +++--- modules/user/views/login.html.php | 6 ++--- modules/user/views/reset_password.html.php | 2 +- system/helpers/request.php | 2 +- themes/default/views/album.html.php | 4 +-- themes/default/views/dynamic.html.php | 4 +-- themes/default/views/header.html.php | 4 +-- themes/default/views/movie.html.php | 4 +-- themes/default/views/page.html.php | 8 +++--- themes/default/views/photo.html.php | 4 +-- 59 files changed, 159 insertions(+), 188 deletions(-) delete mode 100644 modules/gallery/helpers/p.php (limited to 'themes/default/views') diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 9fb4796e..87633f4c 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -39,9 +39,9 @@ class Comments_Controller extends REST_Controller { foreach ($comments as $comment) { $data[] = array( "id" => $comment->id, - "author_name" => p::clean($comment->author_name()), + "author_name" => SafeString::of($comment->author_name()), "created" => $comment->created, - "text" => nl2br(p::purify($comment->text))); + "text" => nl2br(SafeString::purify($comment->text))); } print json_encode($data); break; @@ -126,9 +126,9 @@ class Comments_Controller extends REST_Controller { array("result" => "success", "data" => array( "id" => $comment->id, - "author_name" => p::clean($comment->author_name()), + "author_name" => SafeString::of($comment->author_name()), "created" => $comment->created, - "text" => nl2br(p::purify($comment->text))))); + "text" => nl2br(SafeString::purify($comment->text))))); } else { $view = new Theme_View("comment.html", "fragment"); $view->comment = $comment; diff --git a/modules/comment/helpers/comment_rss.php b/modules/comment/helpers/comment_rss.php index ab3d2283..d0f15010 100644 --- a/modules/comment/helpers/comment_rss.php +++ b/modules/comment/helpers/comment_rss.php @@ -23,7 +23,7 @@ class comment_rss_Core { $feeds["comment/newest"] = t("All new comments"); if ($item) { $feeds["comment/item/$item->id"] = - t("Comments on %title", array("title" => p::purify($item->title))); + t("Comments on %title", array("title" => SafeString::purify($item->title))); } return $feeds; } @@ -53,13 +53,13 @@ class comment_rss_Core { $item = $comment->item(); $feed->children[] = new ArrayObject( array("pub_date" => date("D, d M Y H:i:s T", $comment->created), - "text" => nl2br(p::purify($comment->text)), + "text" => nl2br(SafeString::purify($comment->text)), "thumb_url" => $item->thumb_url(), "thumb_height" => $item->thumb_height, "thumb_width" => $item->thumb_width, "item_uri" => url::abs_site("{$item->type}s/$item->id"), - "title" => p::purify($item->title), - "author" => p::clean($comment->author_name())), + "title" => SafeString::purify($item->title), + "author" => SafeString::of($comment->author_name())), ArrayObject::ARRAY_AS_PROPS); } diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php index 516a8181..2c7a5cf1 100644 --- a/modules/comment/views/admin_block_recent_comments.html.php +++ b/modules/comment/views/admin_block_recent_comments.html.php @@ -4,13 +4,13 @@

" class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="32" height="32" /> created) ?> %author_name said %comment_text', - array("author_name" => p::clean($comment->author_name()), - "comment_text" => text::limit_words(nl2br(p::purify($comment->text)), 50))); ?> + array("author_name" => SafeString::of($comment->author_name()), + "comment_text" => text::limit_words(nl2br(SafeString::purify($comment->text)), 50))); ?>

diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php index 9fe7164b..b27e3166 100644 --- a/modules/comment/views/admin_comments.html.php +++ b/modules/comment/views/admin_comments.html.php @@ -108,12 +108,12 @@

" class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" /> -

author_name()) ?>

@@ -122,7 +122,7 @@ has_thumb()): ?> <?= p::purify($item->title) ?>

thumb_width, $item->thumb_height, 75) ?> /> @@ -132,7 +132,7 @@

created) ?>

- text)) ?> + text)) ?>

diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php index 3d17411c..31bb7f4d 100644 --- a/modules/comment/views/comment.html.php +++ b/modules/comment/views/comment.html.php @@ -4,15 +4,15 @@

" class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" />

- text)) ?> + text)) ?>

Gallery 3 - <?= p::clean($feed->title) ?> + <?= SafeString::of($feed->title) ?> uri ?> - description) ?> + description) ?> en-us @@ -22,14 +22,14 @@ children as $child): ?> - <?= p::purify($child->title) ?> - item_uri) ?> - author) ?> + <?= SafeString::purify($child->title) ?> + item_uri) ?> + author) ?> item_uri ?> pub_date ?> text)) ?>

text)) ?>

diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php index f7251389..7941b7da 100644 --- a/modules/comment/views/comments.html.php +++ b/modules/comment/views/comments.html.php @@ -12,16 +12,16 @@ " class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" /> %name said', array("date" => date("Y-M-d H:i:s", $comment->created), - "name" => p::clean($comment->author_name()))); ?> + "name" => SafeString::of($comment->author_name()))); ?>

- text)) ?> + text)) ?>

diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php index e0f4b6bf..509a8b70 100644 --- a/modules/digibug/controllers/digibug.php +++ b/modules/digibug/controllers/digibug.php @@ -50,7 +50,7 @@ class Digibug_Controller extends Controller { "image_width_1" => $item->width, "thumb_height_1" => $item->thumb_height, "thumb_width_1" => $item->thumb_width, - "title_1" => p::purify($item->title)); + "title_1" => SafeString::purify($item->title)); print $v; } diff --git a/modules/exif/views/exif_dialog.html.php b/modules/exif/views/exif_dialog.html.php index 6494b2b0..a981ca09 100644 --- a/modules/exif/views/exif_dialog.html.php +++ b/modules/exif/views/exif_dialog.html.php @@ -14,14 +14,14 @@ - + - + diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 436cef52..a01ca1db 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -590,7 +590,7 @@ class g2_import_Core { self::map($g2_comment->getId(), $comment->id); return t("Imported comment '%comment' for item with id: %id", array("id" => $comment->item_id, - "comment" => text::limit_words(nl2br(p::purify($comment->text)), 50))); + "comment" => text::limit_words(nl2br(SafeString::purify($comment->text)), 50))); } /** diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index 64007fdb..d727b654 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -46,7 +46,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller { module::set_var($module_name, $var_name, Input::instance()->post("value")); message::success( t("Saved value for %var (%module_name)", - array("var" => p::clean($var_name), "module_name" => $module_name))); + array("var" => SafeString::of($var_name), "module_name" => $module_name))); print json_encode(array("result" => "success")); } diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index c8227d74..09b16759 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -93,7 +93,7 @@ class Movies_Controller extends Items_Controller { log::success("content", "Updated photo", "id\">view"); message::success( - t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title)))); + t("Saved photo %photo_title", array("photo_title" => $photo->title))); print json_encode( array("result" => "success", diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 8ee24da8..3447b4c6 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -86,7 +86,7 @@ class Photos_Controller extends Items_Controller { log::success("content", "Updated photo", "id\">view"); message::success( - t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title)))); + t("Saved photo %photo_title", array("photo_title" => $photo->title))); print json_encode( array("result" => "success", diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index de027c1b..98a5bf9f 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -89,7 +89,7 @@ class Quick_Controller extends Controller { access::required("view", $item->parent()); access::required("edit", $item->parent()); - $msg = t("Made %title this album's cover", array("title" => p::purify($item->title))); + $msg = t("Made %title this album's cover", array("title" => SafeString::purify($item->title))); item::make_album_cover($item); message::success($msg); @@ -105,10 +105,10 @@ class Quick_Controller extends Controller { if ($item->is_album()) { print t( "Delete the album %title? All photos and movies in the album will also be deleted.", - array("title" => p::purify($item->title))); + array("title" => SafeString::purify($item->title))); } else { print t("Are you sure you want to delete %title?", - array("title" => p::purify($item->title))); + array("title" => SafeString::purify($item->title))); } $form = item::get_delete_form($item); @@ -122,9 +122,9 @@ class Quick_Controller extends Controller { access::required("edit", $item); if ($item->is_album()) { - $msg = t("Deleted album %title", array("title" => p::purify($item->title))); + $msg = t("Deleted album %title", array("title" => SafeString::purify($item->title))); } else { - $msg = t("Deleted photo %title", array("title" => p::purify($item->title))); + $msg = t("Deleted photo %title", array("title" => SafeString::purify($item->title))); } $parent = $item->parent(); diff --git a/modules/gallery/helpers/gallery_rss.php b/modules/gallery/helpers/gallery_rss.php index 7daf6170..be555296 100644 --- a/modules/gallery/helpers/gallery_rss.php +++ b/modules/gallery/helpers/gallery_rss.php @@ -52,9 +52,9 @@ class gallery_rss_Core { ->viewable() ->descendants($limit, $offset, "photo"); $feed->max_pages = ceil($item->viewable()->descendants_count("photo") / $limit); - $feed->title = p::purify($item->title); + $feed->title = SafeString::purify($item->title); $feed->link = url::abs_site("albums/{$item->id}"); - $feed->description = nl2br(p::purify($item->description)); + $feed->description = nl2br(SafeString::purify($item->description)); return $feed; } diff --git a/modules/gallery/helpers/gallery_task.php b/modules/gallery/helpers/gallery_task.php index 9edc3acd..8c0e8aa8 100644 --- a/modules/gallery/helpers/gallery_task.php +++ b/modules/gallery/helpers/gallery_task.php @@ -64,10 +64,10 @@ class gallery_task_Core { if (!$success) { $ignored[$item->id] = 1; $errors[] = t("Unable to rebuild images for '%title'", - array("title" => p::purify($item->title))); + array("title" => SafeString::purify($item->title))); } else { $errors[] = t("Successfully rebuilt images for '%title'", - array("title" => p::purify($item->title))); + array("title" => SafeString::purify($item->title))); } } diff --git a/modules/gallery/helpers/p.php b/modules/gallery/helpers/p.php deleted file mode 100644 index e852c086..00000000 --- a/modules/gallery/helpers/p.php +++ /dev/null @@ -1,29 +0,0 @@ -purified_html(); - } -} diff --git a/modules/gallery/views/admin_advanced_settings.html.php b/modules/gallery/views/admin_advanced_settings.html.php index b37c1c73..adc15b91 100644 --- a/modules/gallery/views/admin_advanced_settings.html.php +++ b/modules/gallery/views/admin_advanced_settings.html.php @@ -20,13 +20,13 @@ module_name == "gallery" && $var->name == "_cache") continue ?> module_name ?> - name) ?> + name) ?> - module_name/" . p::clean($var->name)) ?>" + module_name/" . SafeString::of($var->name)) ?>" class="gDialogLink" - title=" p::clean($var->name), "module_name" => $var->module_name)) ?>"> + title=" $var->name, "module_name" => $var->module_name)) ?>"> value): ?> - value) ?> + value) ?> diff --git a/modules/gallery/views/admin_block_log_entries.html.php b/modules/gallery/views/admin_block_log_entries.html.php index 44c1657f..b7afb22d 100644 --- a/modules/gallery/views/admin_block_log_entries.html.php +++ b/modules/gallery/views/admin_block_log_entries.html.php @@ -2,7 +2,7 @@

- user_id") ?>">user->name) ?> + user_id") ?>">user->name) ?> timestamp) ?> message ?> html ?> diff --git a/modules/gallery/views/admin_block_photo_stream.html.php b/modules/gallery/views/admin_block_photo_stream.html.php index 1e1329d1..732bdc38 100644 --- a/modules/gallery/views/admin_block_photo_stream.html.php +++ b/modules/gallery/views/admin_block_photo_stream.html.php @@ -2,9 +2,9 @@

- id") ?>" title="title) ?>"> + id") ?>" title="title) ?>"> width, $photo->height, 72) ?> - src="thumb_url() ?>" alt="title) ?>" /> + src="thumb_url() ?>" alt="title) ?>" />

name ?>

get_log()) ?>

get_log()) ?>

diff --git a/modules/gallery/views/after_install.html.php b/modules/gallery/views/after_install.html.php index e4842163..2cf8ec8f 100644 --- a/modules/gallery/views/after_install.html.php +++ b/modules/gallery/views/after_install.html.php @@ -8,7 +8,7 @@

- %user_name account. The very first thing you should do is to change your password to something that you'll remember.", array("user_name" => p::clean($user->name))) ?> + %user_name account. The very first thing you should do is to change your password to something that you'll remember.", array("user_name" => $user->name)) ?>

diff --git a/modules/gallery/views/move_tree.html.php b/modules/gallery/views/move_tree.html.php index 5f70cf67..7818a42a 100644 --- a/modules/gallery/views/move_tree.html.php +++ b/modules/gallery/views/move_tree.html.php @@ -1,18 +1,18 @@ thumb_img(array(), 25); ?> is_descendant($parent)): ?> - title) ?> + title) ?> - title) ?> + title) ?>

thumb_img(array(), 25); ?> is_descendant($child)): ?> - title) ?> + title) ?> - title) ?> + title) ?>

- title) ?> + title) ?>

diff --git a/modules/gallery/views/permissions_form.html.php b/modules/gallery/views/permissions_form.html.php index ee5e3a24..adc0496f 100644 --- a/modules/gallery/views/permissions_form.html.php +++ b/modules/gallery/views/permissions_form.html.php @@ -6,7 +6,7 @@ - name) ?> + name) ?> diff --git a/modules/gallery/views/simple_uploader.html.php b/modules/gallery/views/simple_uploader.html.php index 38ac518c..56e568f6 100644 --- a/modules/gallery/views/simple_uploader.html.php +++ b/modules/gallery/views/simple_uploader.html.php @@ -6,7 +6,7 @@ @@ -26,9 +26,9 @@

title) ?>
title) ?>
title) ?>
title) ?>

diff --git a/modules/info/views/info_block.html.php b/modules/info/views/info_block.html.php index f86ae39d..365a1021 100644 --- a/modules/info/views/info_block.html.php +++ b/modules/info/views/info_block.html.php @@ -2,18 +2,18 @@

- title) ?> + title) ?>
- description)) ?> + description)) ?>
- name) ?> + name) ?>
owner->url): ?> - owner->display_name()) ?> + owner->display_name()) ?> - owner->display_name()) ?> + owner->display_name()) ?>

<?= p::clean($subject) ?>

<?= SafeString::of($subject) ?>

<?= p::clean($subject) ?>

<?= SafeString::of($subject) ?>

	text)) ?>	text)) ?>
	author_name()) ?>	author_name()) ?>
	author_email()) ?>	author_email()) ?>
	author_url()) ?>	author_url()) ?>

	title) ?>	title) ?>

	description)) ?>	description)) ?>

<?= p::clean($subject) ?>

<?= SafeString::of($subject) ?>

<?= p::clean($subject) ?>

<?= SafeString::of($subject) ?>

p::purify($item->parent()->title))) ?> + array("title" => SafeString::purify($item->parent()->title))) ?>

title) ?>	title) ?>	title) ?>	title) ?>
description) ?>	description) ?>
description) ?>	description) ?>

id\">view

diff --git a/modules/organize/views/organize_album.html.php b/modules/organize/views/organize_album.html.php index ae2d5d51..4933ed32 100644 --- a/modules/organize/views/organize_album.html.php +++ b/modules/organize/views/organize_album.html.php @@ -7,7 +7,7 @@

gBranchText"> - title) ?> + title) ?>

"> diff --git a/modules/rss/views/feed.mrss.php b/modules/rss/views/feed.mrss.php index 447179a5..7298b7f4 100644 --- a/modules/rss/views/feed.mrss.php +++ b/modules/rss/views/feed.mrss.php @@ -6,9 +6,9 @@ xmlns:fh="http://purl.org/syndication/history/1.0"> gallery3 - <?= p::clean($feed->title) ?> + <?= SafeString::of($feed->title) ?> uri ?> - description) ?> + description) ?> en-us @@ -22,25 +22,25 @@ children as $child): ?> - <?= p::clean($child->title) ?> + <?= SafeString::of($child->title) ?> type}s/{$child->id}") ?> type}s/{$child->id}") ?> created); ?> description) ?> + description) ?>

type == "photo" || $child->type == "album"): ?>
type}s/{$child->id}") ?>">
- description) ?> + description) ?>

]]> diff --git a/modules/search/views/search.html.php b/modules/search/views/search.html.php index 6a222ef1..e5c7b4a6 100644 --- a/modules/search/views/search.html.php +++ b/modules/search/views/search.html.php @@ -8,10 +8,10 @@

- +
- " /> + for_html_attr() ?>" />

@@ -31,10 +31,10 @@ id") ?>"> thumb_img() ?>

- title) ?> + title) ?>

- description)) ?> + description)) ?>

@@ -44,7 +44,7 @@

- %term", array("term" => p::clean($q))) ?> + %term", array("term" => $q)) ?>

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php index 30109f42..fac2aa44 100644 --- a/modules/server_add/controllers/admin_server_add.php +++ b/modules/server_add/controllers/admin_server_add.php @@ -38,7 +38,7 @@ class Admin_Server_Add_Controller extends Admin_Controller { $path = $form->add_path->path->value; $paths[$path] = 1; module::set_var("server_add", "authorized_paths", serialize($paths)); - message::success(t("Added path %path", array("path" => p::clean($path)))); + message::success(t("Added path %path", array("path" => $path))); server_add::check_config($paths); url::redirect("admin/server_add"); } else { @@ -60,7 +60,7 @@ class Admin_Server_Add_Controller extends Admin_Controller { $paths = unserialize(module::get_var("server_add", "authorized_paths")); if (isset($paths[$path])) { unset($paths[$path]); - message::success(t("Removed path %path", array("path" => p::clean($path)))); + message::success(t("Removed path %path", array("path" => $path))); module::set_var("server_add", "authorized_paths", serialize($paths)); server_add::check_config($paths); } diff --git a/modules/server_add/views/server_add_tree.html.php b/modules/server_add/views/server_add_tree.html.php index 254a9da0..b68544ec 100644 --- a/modules/server_add/views/server_add_tree.html.php +++ b/modules/server_add/views/server_add_tree.html.php @@ -24,7 +24,7 @@ file="" > - + diff --git a/modules/server_add/views/server_add_tree_dialog.html.php b/modules/server_add/views/server_add_tree_dialog.html.php index 21952849..533cad04 100644 --- a/modules/server_add/views/server_add_tree_dialog.html.php +++ b/modules/server_add/views/server_add_tree_dialog.html.php @@ -5,17 +5,17 @@

- +

- title) ?> + title) ?>
- title) ?> + title) ?>

diff --git a/modules/tag/controllers/admin_tags.php b/modules/tag/controllers/admin_tags.php index dcdc16b9..f1b4ca3a 100644 --- a/modules/tag/controllers/admin_tags.php +++ b/modules/tag/controllers/admin_tags.php @@ -53,8 +53,8 @@ class Admin_Tags_Controller extends Admin_Controller { $name = $tag->name; Database::instance()->delete("items_tags", array("tag_id" => "$tag->id")); $tag->delete(); - message::success(t("Deleted tag %tag_name", array("tag_name" => p::clean($name)))); - log::success("tags", t("Deleted tag %tag_name", array("tag_name" => p::clean($name)))); + message::success(t("Deleted tag %tag_name", array("tag_name" => $name))); + log::success("tags", t("Deleted tag %tag_name", array("tag_name" => $name))); print json_encode( array("result" => "success", @@ -98,7 +98,7 @@ class Admin_Tags_Controller extends Admin_Controller { $tag->save(); $message = t("Renamed tag %old_name to %new_name", - array("old_name" => p::clean($old_name), "new_name" => p::clean($tag->name))); + array("old_name" => $old_name, "new_name" => $tag->name)); message::success($message); log::success("tags", $message); @@ -106,7 +106,7 @@ class Admin_Tags_Controller extends Admin_Controller { array("result" => "success", "location" => url::site("admin/tags"), "tag_id" => $tag->id, - "new_tagname" => p::clean($tag->name))); + "new_tagname" => SafeString::of($tag->name))); } else { print json_encode( array("result" => "error", diff --git a/modules/tag/helpers/tag_rss.php b/modules/tag/helpers/tag_rss.php index f94508cf..7194586d 100644 --- a/modules/tag/helpers/tag_rss.php +++ b/modules/tag/helpers/tag_rss.php @@ -22,7 +22,7 @@ class tag_rss_Core { static function available_feeds($item, $tag) { if ($tag) { $feeds["tag/tag/{$tag->id}"] = - t("Tag feed for %tag_name", array("tag_name" => p::clean($tag->name))); + t("Tag feed for %tag_name", array("tag_name" => $tag->name)); return $feeds; } return array(); diff --git a/modules/tag/views/admin_tags.html.php b/modules/tag/views/admin_tags.html.php index 7d201da7..5bd23112 100644 --- a/modules/tag/views/admin_tags.html.php +++ b/modules/tag/views/admin_tags.html.php @@ -47,7 +47,7 @@

- name) ?> + name) ?> (count ?>) id") ?>" class="gDialogLink delete-link gButtonLink"> diff --git a/modules/tag/views/tag_cloud.html.php b/modules/tag/views/tag_cloud.html.php index eba615fc..b4c6ae34 100644 --- a/modules/tag/views/tag_cloud.html.php +++ b/modules/tag/views/tag_cloud.html.php @@ -3,7 +3,7 @@

count ?> photos are tagged with - id") ?>">name) ?> + id") ?>">name) ?>

diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index f87602b8..521f82fa 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -51,7 +51,7 @@ class Admin_Users_Controller extends Controller { $user->save(); module::event("user_add_form_admin_completed", $user, $form); - message::success(t("Created user %user_name", array("user_name" => p::clean($user->name)))); + message::success(t("Created user %user_name", array("user_name" => $user->name))); print json_encode(array("result" => "success")); } else { print json_encode(array("result" => "error", @@ -84,7 +84,7 @@ class Admin_Users_Controller extends Controller { "form" => $form->__toString())); } - $message = t("Deleted user %user_name", array("user_name" => p::clean($name))); + $message = t("Deleted user %user_name", array("user_name" => $name)); log::success("user", $message); message::success($message); print json_encode(array("result" => "success")); @@ -142,7 +142,7 @@ class Admin_Users_Controller extends Controller { $user->save(); module::event("user_edit_form_admin_completed", $user, $form); - message::success(t("Changed user %user_name", array("user_name" => p::clean($user->name)))); + message::success(t("Changed user %user_name", array("user_name" => $user->name))); print json_encode(array("result" => "success")); } else { print json_encode(array("result" => "error", @@ -204,7 +204,7 @@ class Admin_Users_Controller extends Controller { $group = group::create($new_name); $group->save(); message::success( - t("Created group %group_name", array("group_name" => p::clean($group->name)))); + t("Created group %group_name", array("group_name" => $group->name))); print json_encode(array("result" => "success")); } else { print json_encode(array("result" => "error", @@ -233,7 +233,7 @@ class Admin_Users_Controller extends Controller { "form" => $form->__toString())); } - $message = t("Deleted group %group_name", array("group_name" => p::clean($name))); + $message = t("Deleted group %group_name", array("group_name" => $name)); log::success("group", $message); message::success($message); print json_encode(array("result" => "success")); @@ -271,11 +271,11 @@ class Admin_Users_Controller extends Controller { $group->name = $form->edit_group->inputs["name"]->value; $group->save(); message::success( - t("Changed group %group_name", array("group_name" => p::clean($group->name)))); + t("Changed group %group_name", array("group_name" => $group->name))); print json_encode(array("result" => "success")); } else { message::error( - t("Failed to change group %group_name", array("group_name" => p::clean($group->name)))); + t("Failed to change group %group_name", array("group_name" => $group->name))); print json_encode(array("result" => "error", "form" => $form->__toString())); } diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php index 4d901051..b81b17b2 100644 --- a/modules/user/controllers/login.php +++ b/modules/user/controllers/login.php @@ -63,7 +63,7 @@ class Login_Controller extends Controller { log::warning( "user", t("Failed login for %name", - array("name" => p::clean($form->login->inputs["name"]->value)))); + array("name" => $form->login->inputs["name"]->value))); $form->login->inputs["name"]->add_error("invalid_login", 1); $valid = false; } @@ -71,7 +71,7 @@ class Login_Controller extends Controller { if ($valid) { user::login($user); - log::info("user", t("User %name logged in", array("name" => p::clean($user->name)))); + log::info("user", t("User %name logged in", array("name" => $user->name))); } // Either way, regenerate the session id to avoid session trapping diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php index 099b1952..4b141a1c 100644 --- a/modules/user/controllers/logout.php +++ b/modules/user/controllers/logout.php @@ -23,8 +23,8 @@ class Logout_Controller extends Controller { $user = user::active(); user::logout(); - log::info("user", t("User %name logged out", array("name" => p::clean($user->name))), - html::anchor("user/$user->id", p::clean($user->name))); + log::info("user", t("User %name logged out", array("name" => $user->name)), + html::anchor("user/$user->id", SafeString::of($user->name))); if ($continue_url = $this->input->get("continue")) { $item = url::get_item_from_uri($continue_url); if (access::can("view", $item)) { diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index 2af1b879..066efbba 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -74,7 +74,7 @@ class Password_Controller extends Controller { log::success( "user", - t("Password reset email sent for user %name", array("name" => p::clean($user->name)))); + t("Password reset email sent for user %name", array("name" => $user->name))); } else { // Don't include the username here until you're sure that it's XSS safe log::warning( diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php index 542b8b8b..54c4847d 100644 --- a/modules/user/views/admin_users.html.php +++ b/modules/user/views/admin_users.html.php @@ -68,16 +68,16 @@

" title="" - alt="name) ?>" + alt="name) ?>" width="20" height="20" /> - name) ?> + name) ?> - full_name) ?> + full_name) ?> - email) ?> + email) ?> last_login == 0) ? "" : gallery::date($user->last_login) ?> diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php index bfd79dba..f89a4392 100644 --- a/modules/user/views/admin_users_group.html.php +++ b/modules/user/views/admin_users_group.html.php @@ -1,9 +1,9 @@

- name) ?> + name) ?> special): ?> id") ?>" - title=" p::clean($group->name))) ?>" + title=" $group->name)) ?>" class="gDialogLink gButtonLink ui-state-default ui-corner-all"> @@ -17,12 +17,12 @@
users as $i => $user): ?>
- name) ?> + name) ?> special): ?> p::clean($user->name), "group" => p::clean($group->name))) ?>"> + array("user" => $user->name, "group" => $group->name)) ?>"> diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php index 97341762..e92513e7 100644 --- a/modules/user/views/login.html.php +++ b/modules/user/views/login.html.php @@ -8,11 +8,11 @@

- SafeString::of( + SafeString::of_safe_html( 'id}") . - '" title="' . t("Edit Your Profile") . + '" title="' . t("Edit Your Profile")->for_html_attr() . '" id="gUserProfileLink" class="gDialogLink">' . - p::clean($user->display_name()) . '')->mark_html_safe())) ?> + SafeString::of($user->display_name()) . ''))) ?>

" diff --git a/modules/user/views/reset_password.html.php b/modules/user/views/reset_password.html.php index 4c4672ee..3dc7aebf 100644 --- a/modules/user/views/reset_password.html.php +++ b/modules/user/views/reset_password.html.php @@ -6,7 +6,7 @@

- p::clean($user->full_name ? $user->full_name : $user->name))) ?> + $user->full_name ? $user->full_name : $user->name)) ?>

%site_url. If you made this request, you can confirm it by clicking this link. If you didn't request this password reset, it's ok to ignore this mail.", array("site_url" => url::base(false, "http"), "confirm_url" => $confirm_url)) ?> diff --git a/system/helpers/request.php b/system/helpers/request.php index 4203d0e5..15b8edfa 100644 --- a/system/helpers/request.php +++ b/system/helpers/request.php @@ -30,7 +30,7 @@ class request_Core { // Set referrer $ref = $_SERVER['HTTP_REFERER']; - if (strpos($ref, url::base(FALSE)) === 0) + if (strpos($ref, (string) url::base(FALSE)) === 0) { // Remove the base URL from the referrer $ref = substr($ref, strlen(url::base(FALSE))); diff --git a/themes/default/views/album.html.php b/themes/default/views/album.html.php index c2f95731..ffb4b913 100644 --- a/themes/default/views/album.html.php +++ b/themes/default/views/album.html.php @@ -2,8 +2,8 @@
album_top() ?> -
title)->purified_html() ?>
-
description)->purified_html()) ?>
+
title) ?>
+
description)) ?>

diff --git a/themes/default/views/dynamic.html.php b/themes/default/views/dynamic.html.php index 2d122e69..2d8e04a2 100644 --- a/themes/default/views/dynamic.html.php +++ b/themes/default/views/dynamic.html.php @@ -3,7 +3,7 @@
dynamic_top() ?>
-
+

title) ?>

id}?show=$item->id") ?>"> - title) ?> + title) ?>
title) ?>
title) ?>

title) ?>

description)) ?>

title) ?>

description)) ?>

Date: Sat, 29 Aug 2009 22:54:20 -0700 Subject: Update all code to use helper method html::clean(), html::purify(), ... instead of SafeString directly. --- modules/comment/controllers/comments.php | 8 ++++---- modules/comment/helpers/comment_rss.php | 8 ++++---- modules/comment/views/admin_block_recent_comments.html.php | 6 +++--- modules/comment/views/admin_comments.html.php | 10 +++++----- modules/comment/views/comment.html.php | 6 +++--- modules/comment/views/comment.mrss.php | 12 ++++++------ modules/comment/views/comments.html.php | 6 +++--- modules/digibug/controllers/digibug.php | 2 +- modules/exif/views/exif_dialog.html.php | 4 ++-- modules/g2_import/helpers/g2_import.php | 2 +- modules/gallery/controllers/admin_advanced_settings.php | 2 +- modules/gallery/controllers/quick.php | 10 +++++----- modules/gallery/helpers/MY_html.php | 4 ++-- modules/gallery/helpers/gallery_rss.php | 4 ++-- modules/gallery/helpers/gallery_task.php | 4 ++-- modules/gallery/tests/Html_Helper_Test.php | 4 ++-- modules/gallery/tests/Xss_Security_Test.php | 4 ++-- modules/gallery/views/admin_advanced_settings.html.php | 6 +++--- modules/gallery/views/admin_block_log_entries.html.php | 2 +- modules/gallery/views/admin_block_photo_stream.html.php | 4 ++-- modules/gallery/views/admin_languages.html.php | 4 ++-- modules/gallery/views/admin_maintenance.html.php | 4 ++-- modules/gallery/views/admin_maintenance_show_log.html.php | 2 +- modules/gallery/views/move_tree.html.php | 8 ++++---- modules/gallery/views/permissions_browse.html.php | 4 ++-- modules/gallery/views/permissions_form.html.php | 2 +- modules/gallery/views/simple_uploader.html.php | 14 +++++++------- modules/info/views/info_block.html.php | 10 +++++----- modules/notification/views/comment_published.html.php | 12 ++++++------ modules/notification/views/item_added.html.php | 8 ++++---- modules/notification/views/item_deleted.html.php | 6 +++--- modules/notification/views/item_updated.html.php | 12 ++++++------ modules/organize/views/organize_dialog.html.php | 2 +- modules/organize/views/organize_tree.html.php | 6 +++--- modules/rss/views/feed.mrss.php | 14 +++++++------- modules/rss/views/rss_block.html.php | 2 +- modules/search/views/search.html.php | 6 +++--- modules/server_add/views/admin_server_add.html.php | 2 +- modules/server_add/views/server_add_tree.html.php | 4 ++-- modules/server_add/views/server_add_tree_dialog.html.php | 6 +++--- modules/tag/controllers/admin_tags.php | 2 +- modules/tag/views/admin_tags.html.php | 6 +++--- modules/tag/views/tag_cloud.html.php | 2 +- modules/user/controllers/logout.php | 2 +- modules/user/views/admin_users.html.php | 8 ++++---- modules/user/views/admin_users_group.html.php | 4 ++-- modules/user/views/login.html.php | 2 +- themes/default/views/album.html.php | 6 +++--- themes/default/views/dynamic.html.php | 4 ++-- themes/default/views/header.html.php | 4 ++-- themes/default/views/movie.html.php | 4 ++-- themes/default/views/photo.html.php | 6 +++--- 52 files changed, 143 insertions(+), 143 deletions(-) (limited to 'themes/default/views') diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 87633f4c..82b12893 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -39,9 +39,9 @@ class Comments_Controller extends REST_Controller { foreach ($comments as $comment) { $data[] = array( "id" => $comment->id, - "author_name" => SafeString::of($comment->author_name()), + "author_name" => html::clean($comment->author_name()), "created" => $comment->created, - "text" => nl2br(SafeString::purify($comment->text))); + "text" => nl2br(html::purify($comment->text))); } print json_encode($data); break; @@ -126,9 +126,9 @@ class Comments_Controller extends REST_Controller { array("result" => "success", "data" => array( "id" => $comment->id, - "author_name" => SafeString::of($comment->author_name()), + "author_name" => html::clean($comment->author_name()), "created" => $comment->created, - "text" => nl2br(SafeString::purify($comment->text))))); + "text" => nl2br(html::purify($comment->text))))); } else { $view = new Theme_View("comment.html", "fragment"); $view->comment = $comment; diff --git a/modules/comment/helpers/comment_rss.php b/modules/comment/helpers/comment_rss.php index 4151dcd0..b539887b 100644 --- a/modules/comment/helpers/comment_rss.php +++ b/modules/comment/helpers/comment_rss.php @@ -23,7 +23,7 @@ class comment_rss_Core { $feeds["comment/newest"] = t("All new comments"); if ($item) { $feeds["comment/item/$item->id"] = - t("Comments on %title", array("title" => SafeString::purify($item->title))); + t("Comments on %title", array("title" => html::purify($item->title))); } return $feeds; } @@ -49,13 +49,13 @@ class comment_rss_Core { $item = $comment->item(); $feed->children[] = new ArrayObject( array("pub_date" => date("D, d M Y H:i:s T", $comment->created), - "text" => nl2br(SafeString::purify($comment->text)), + "text" => nl2br(html::purify($comment->text)), "thumb_url" => $item->thumb_url(), "thumb_height" => $item->thumb_height, "thumb_width" => $item->thumb_width, "item_uri" => url::abs_site("{$item->type}s/$item->id"), - "title" => SafeString::purify($item->title), - "author" => SafeString::of($comment->author_name())), + "title" => html::purify($item->title), + "author" => html::clean($comment->author_name())), ArrayObject::ARRAY_AS_PROPS); } diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php index 2c7a5cf1..dc3975e0 100644 --- a/modules/comment/views/admin_block_recent_comments.html.php +++ b/modules/comment/views/admin_block_recent_comments.html.php @@ -4,13 +4,13 @@

" class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="32" height="32" /> created) ?> %author_name said %comment_text', - array("author_name" => SafeString::of($comment->author_name()), - "comment_text" => text::limit_words(nl2br(SafeString::purify($comment->text)), 50))); ?> + array("author_name" => html::clean($comment->author_name()), + "comment_text" => text::limit_words(nl2br(html::purify($comment->text)), 50))); ?>

diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php index 8b0b4c29..801ce2b3 100644 --- a/modules/comment/views/admin_comments.html.php +++ b/modules/comment/views/admin_comments.html.php @@ -108,12 +108,12 @@

" class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" /> -

author_name()) ?>

@@ -122,7 +122,7 @@ has_thumb()): ?> <?= SafeString::purify($item->title) ?>

thumb_width, $item->thumb_height, 75) ?> /> @@ -132,7 +132,7 @@

created) ?>

- text)) ?> + text)) ?>

diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php index 31bb7f4d..1d0786cb 100644 --- a/modules/comment/views/comment.html.php +++ b/modules/comment/views/comment.html.php @@ -4,15 +4,15 @@

" class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" />

- text)) ?> + text)) ?>

Gallery 3 - <?= SafeString::of($feed->title) ?> + <?= html::clean($feed->title) ?> uri ?> - description) ?> + description) ?> en-us @@ -22,14 +22,14 @@ children as $child): ?> - <?= SafeString::purify($child->title) ?> - item_uri) ?> - author) ?> + <?= html::purify($child->title) ?> + item_uri) ?> + author) ?> item_uri ?> pub_date ?> text)) ?>

text)) ?>

diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php index 9eac0502..1e45c946 100644 --- a/modules/comment/views/comments.html.php +++ b/modules/comment/views/comments.html.php @@ -18,16 +18,16 @@ " class="gAvatar" - alt="author_name()) ?>" + alt="author_name()) ?>" width="40" height="40" /> %name said', array("date" => date("Y-M-d H:i:s", $comment->created), - "name" => SafeString::of($comment->author_name()))); ?> + "name" => html::clean($comment->author_name()))); ?>

- text)) ?> + text)) ?>

diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php index 509a8b70..0939704b 100644 --- a/modules/digibug/controllers/digibug.php +++ b/modules/digibug/controllers/digibug.php @@ -50,7 +50,7 @@ class Digibug_Controller extends Controller { "image_width_1" => $item->width, "thumb_height_1" => $item->thumb_height, "thumb_width_1" => $item->thumb_width, - "title_1" => SafeString::purify($item->title)); + "title_1" => html::purify($item->title)); print $v; } diff --git a/modules/exif/views/exif_dialog.html.php b/modules/exif/views/exif_dialog.html.php index a981ca09..11d1e212 100644 --- a/modules/exif/views/exif_dialog.html.php +++ b/modules/exif/views/exif_dialog.html.php @@ -14,14 +14,14 @@ - + - + diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index a01ca1db..7e5c6f75 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -590,7 +590,7 @@ class g2_import_Core { self::map($g2_comment->getId(), $comment->id); return t("Imported comment '%comment' for item with id: %id", array("id" => $comment->item_id, - "comment" => text::limit_words(nl2br(SafeString::purify($comment->text)), 50))); + "comment" => text::limit_words(nl2br(html::purify($comment->text)), 50))); } /** diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index d727b654..43c77340 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -46,7 +46,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller { module::set_var($module_name, $var_name, Input::instance()->post("value")); message::success( t("Saved value for %var (%module_name)", - array("var" => SafeString::of($var_name), "module_name" => $module_name))); + array("var" => html::clean($var_name), "module_name" => $module_name))); print json_encode(array("result" => "success")); } diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index 8fddb563..20731f9c 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -75,7 +75,7 @@ class Quick_Controller extends Controller { access::required("view", $item->parent()); access::required("edit", $item->parent()); - $msg = t("Made %title this album's cover", array("title" => SafeString::purify($item->title))); + $msg = t("Made %title this album's cover", array("title" => html::purify($item->title))); item::make_album_cover($item); message::success($msg); @@ -91,10 +91,10 @@ class Quick_Controller extends Controller { if ($item->is_album()) { print t( "Delete the album %title? All photos and movies in the album will also be deleted.", - array("title" => SafeString::purify($item->title))); + array("title" => html::purify($item->title))); } else { print t("Are you sure you want to delete %title?", - array("title" => SafeString::purify($item->title))); + array("title" => html::purify($item->title))); } $form = item::get_delete_form($item); @@ -108,9 +108,9 @@ class Quick_Controller extends Controller { access::required("edit", $item); if ($item->is_album()) { - $msg = t("Deleted album %title", array("title" => SafeString::purify($item->title))); + $msg = t("Deleted album %title", array("title" => html::purify($item->title))); } else { - $msg = t("Deleted photo %title", array("title" => SafeString::purify($item->title))); + $msg = t("Deleted photo %title", array("title" => html::purify($item->title))); } $parent = $item->parent(); diff --git a/modules/gallery/helpers/MY_html.php b/modules/gallery/helpers/MY_html.php index eb388811..75114898 100644 --- a/modules/gallery/helpers/MY_html.php +++ b/modules/gallery/helpers/MY_html.php @@ -65,11 +65,11 @@ class html extends html_Core { * * Example:

    *   
 
-   SafeString::purify($album->title))) ?>
+   html::purify($album->title))) ?>
   
     
       
diff --git a/modules/organize/views/organize_tree.html.php b/modules/organize/views/organize_tree.html.php
index 387d5977..5b676889 100644
--- a/modules/organize/views/organize_tree.html.php
+++ b/modules/organize/views/organize_tree.html.php
@@ -5,7 +5,7 @@
   
   
   
-    title) ?>
+    title) ?>
   
   
     
@@ -17,7 +17,7 @@
       
       "
             ref="id ?>">
-        title) ?>
+        title) ?>
       
 
       id == $album->id): ?>
@@ -29,7 +29,7 @@
           
           
-            title) ?>
+            title) ?>
           
         
         
diff --git a/modules/rss/views/feed.mrss.php b/modules/rss/views/feed.mrss.php
index 7298b7f4..731703c7 100644
--- a/modules/rss/views/feed.mrss.php
+++ b/modules/rss/views/feed.mrss.php
@@ -6,9 +6,9 @@
    xmlns:fh="http://purl.org/syndication/history/1.0">
   
     gallery3
-    <?= SafeString::of($feed->title) ?>
+    <?= html::clean($feed->title) ?>
     uri ?>
-    description) ?>
+    description) ?>
     en-us
     
     
@@ -22,25 +22,25 @@
     
     children as $child): ?>
     
-      <?= SafeString::of($child->title) ?>
+      <?= html::clean($child->title) ?>
       type}s/{$child->id}") ?>
       type}s/{$child->id}") ?>
       created); ?>
       
         description) ?>
+          description) ?>
           
           type == "photo" || $child->type == "album"): ?>
             

           
             type}s/{$child->id}") ?>">
             

           
-            description) ?>
+            description) ?>
           
         ]]>
       
diff --git a/modules/rss/views/rss_block.html.php b/modules/rss/views/rss_block.html.php
index cd8db89d..737731b6 100644
--- a/modules/rss/views/rss_block.html.php
+++ b/modules/rss/views/rss_block.html.php
@@ -5,7 +5,7 @@
     
     
       
-      
+      
     
     
   
diff --git a/modules/search/views/search.html.php b/modules/search/views/search.html.php
index e5c7b4a6..7963948d 100644
--- a/modules/search/views/search.html.php
+++ b/modules/search/views/search.html.php
@@ -8,7 +8,7 @@
     
       
         
-        
+        
       
       
         for_html_attr() ?>" />
@@ -31,10 +31,10 @@
       id") ?>">
         thumb_img() ?>
         
-    title) ?>
+    title) ?>
         
         
-    description)) ?>
+    description)) ?>
         
       
     
diff --git a/modules/server_add/views/admin_server_add.html.php b/modules/server_add/views/admin_server_add.html.php
index c4439bda..b48a19da 100644
--- a/modules/server_add/views/admin_server_add.html.php
+++ b/modules/server_add/views/admin_server_add.html.php
@@ -16,7 +16,7 @@
            class="gRemoveDir ui-icon ui-icon-trash">
           X
         
-        
+        
       
       
     
diff --git a/modules/server_add/views/server_add_tree.html.php b/modules/server_add/views/server_add_tree.html.php
index 2f65a590..dbae42c5 100644
--- a/modules/server_add/views/server_add_tree.html.php
+++ b/modules/server_add/views/server_add_tree.html.php
@@ -10,7 +10,7 @@
     
       
       
-        
+        
       
       
         
@@ -24,7 +24,7 @@
                 
                 file=" '\\"')) ?>"
                 >
-            
+            
           
         
         
diff --git a/modules/server_add/views/server_add_tree_dialog.html.php b/modules/server_add/views/server_add_tree_dialog.html.php
index 912e69b6..8eb6e4df 100644
--- a/modules/server_add/views/server_add_tree_dialog.html.php
+++ b/modules/server_add/views/server_add_tree_dialog.html.php
@@ -5,17 +5,17 @@
 
 
 
-   SafeString::purify($item->title))) ?>
+   html::purify($item->title))) ?>
 
   
   
     parents() as $parent): ?>
     
-      title) ?>
+      title) ?>
     
     
     
-      title) ?>
+      title) ?>
     
   
 
diff --git a/modules/tag/controllers/admin_tags.php b/modules/tag/controllers/admin_tags.php
index f1b4ca3a..8b8dde21 100644
--- a/modules/tag/controllers/admin_tags.php
+++ b/modules/tag/controllers/admin_tags.php
@@ -106,7 +106,7 @@ class Admin_Tags_Controller extends Admin_Controller {
         array("result" => "success",
               "location" => url::site("admin/tags"),
               "tag_id" => $tag->id,
-              "new_tagname" => SafeString::of($tag->name)));
+              "new_tagname" => html::clean($tag->name)));
     } else {
       print json_encode(
         array("result" => "error",
diff --git a/modules/tag/views/admin_tags.html.php b/modules/tag/views/admin_tags.html.php
index 30dd0728..3d805c5e 100644
--- a/modules/tag/views/admin_tags.html.php
+++ b/modules/tag/views/admin_tags.html.php
@@ -32,7 +32,7 @@
           name, 0, 1)) ?>
 
           
-            
+            
             
           
              $tags_per_column): /* new column */ ?>
@@ -42,12 +42,12 @@
             
 
             
-            
+            
             
           
 
           
-            name) ?>
+            name) ?>
             (count ?>)
             id") ?>"
                class="gDialogLink delete-link gButtonLink">
diff --git a/modules/tag/views/tag_cloud.html.php b/modules/tag/views/tag_cloud.html.php
index b4c6ae34..d6a0b5f8 100644
--- a/modules/tag/views/tag_cloud.html.php
+++ b/modules/tag/views/tag_cloud.html.php
@@ -3,7 +3,7 @@
   
   

     count ?> photos are tagged with 
-    id") ?>">name) ?>
+    id") ?>">name) ?>
   
   
 
diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php
index 4b141a1c..fc3ced56 100644
--- a/modules/user/controllers/logout.php
+++ b/modules/user/controllers/logout.php
@@ -24,7 +24,7 @@ class Logout_Controller extends Controller {
     $user = user::active();
     user::logout();
     log::info("user", t("User %name logged out", array("name" => $user->name)),
-              html::anchor("user/$user->id", SafeString::of($user->name)));
+              html::anchor("user/$user->id", html::clean($user->name)));
     if ($continue_url = $this->input->get("continue")) {
       $item = url::get_item_from_uri($continue_url);
       if (access::can("view", $item)) {
diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php
index 36c4f4fd..9455f9d9 100644
--- a/modules/user/views/admin_users.html.php
+++ b/modules/user/views/admin_users.html.php
@@ -68,16 +68,16 @@
         
           "
                title=""
-               alt="name) ?>"
+               alt="name) ?>"
                width="20"
                height="20" />
-          name) ?>
+          name) ?>
         
         
-          full_name) ?>
+          full_name) ?>
         
         
-          email) ?>
+          email) ?>
         
         
           last_login == 0) ? "" : gallery::date($user->last_login) ?>
diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php
index f89a4392..8418ebc9 100644
--- a/modules/user/views/admin_users_group.html.php
+++ b/modules/user/views/admin_users_group.html.php
@@ -1,6 +1,6 @@
 
 
-  name) ?>
+  name) ?>
   special): ?>
   id") ?>"
     title=" $group->name)) ?>"
@@ -17,7 +17,7 @@
 
   users as $i => $user): ?>
   
-    name) ?>
+    name) ?>
     special): ?>
     id}") .
       '" title="' . t("Edit Your Profile")->for_html_attr() .
       '" id="gUserProfileLink" class="gDialogLink">' .
-      SafeString::of($user->display_name()) . ''))) ?>
+      html::clean($user->display_name()) . ''))) ?>
   
   
     "
diff --git a/themes/default/views/album.html.php b/themes/default/views/album.html.php
index 8c690f5f..caabeee3 100644
--- a/themes/default/views/album.html.php
+++ b/themes/default/views/album.html.php
@@ -2,8 +2,8 @@
 
 
   album_top() ?>
-  title) ?>
-  description)) ?>
+  title) ?>
+  description)) ?>
 
 
 
@@ -20,7 +20,7 @@
     
     thumb_bottom($child) ?>
     context_menu($child, "#gItemId-{$child->id} .gThumbnail") ?>
-    title) ?>
+    title) ?>
     
       thumb_info($child) ?>
     
diff --git a/themes/default/views/dynamic.html.php b/themes/default/views/dynamic.html.php
index 2d8e04a2..9ed9d69b 100644
--- a/themes/default/views/dynamic.html.php
+++ b/themes/default/views/dynamic.html.php
@@ -3,7 +3,7 @@
   
     dynamic_top() ?>
   
-  
+  
 
 
 
@@ -16,7 +16,7 @@
            width="thumb_width ?>"
            height="thumb_height ?>" />
     
-    title) ?>
+    title) ?>
     thumb_bottom($child) ?>
     
       thumb_info($child) ?>
diff --git a/themes/default/views/header.html.php b/themes/default/views/header.html.php
index 9e34401d..dcfa6fd8 100644
--- a/themes/default/views/header.html.php
+++ b/themes/default/views/header.html.php
@@ -19,10 +19,10 @@
   
   
     id}?show=$item->id") ?>">
-      title) ?>
+      title) ?>
     
   
   
-  title) ?>
+  title) ?>
 
 
diff --git a/themes/default/views/movie.html.php b/themes/default/views/movie.html.php
index 237743b7..910814dd 100644
--- a/themes/default/views/movie.html.php
+++ b/themes/default/views/movie.html.php
@@ -28,8 +28,8 @@
   movie_img(array("class" => "gMovie", "id" => "gMovieId-{$item->id}")) ?>
 
   
-    title) ?>
-       description)) ?>
+    title) ?>
+       description)) ?>
   
 
   photo_bottom() ?>
diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php
index 5b5cb12b..c601c4cc 100644
--- a/themes/default/views/photo.html.php
+++ b/themes/default/views/photo.html.php
@@ -5,7 +5,7 @@
 
diff --git a/modules/gallery/views/permissions_browse.html.php b/modules/gallery/views/permissions_browse.html.php
index d9395b3f..231daa04 100644
--- a/modules/gallery/views/permissions_browse.html.php
+++ b/modules/gallery/views/permissions_browse.html.php
@@ -5,9 +5,9 @@
     $.ajax({
       url: form_url.replace("__ITEM__", id),
       success: function(data) {
-		    $("#gEditPermissionForm").html(data);
-		    $(".active").removeClass("active");
-		    $("#item-" + id).addClass("active");
+          $("#gEditPermissionForm").html(data);
+          $(".active").removeClass("active");
+          $("#item-" + id).addClass("active");
       }
     });
   }
@@ -28,13 +28,14 @@
   
   
     
-      mod_rewrite and set AllowOverride FileInfo Options to fix this.", array("mod_rewrite_attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html\" target=\"_blank\"", "apache_attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride\" target=\"_blank\"")) ?>
+      mod_rewrite and set AllowOverride FileInfo Options to fix this.",
+            array("mod_rewrite_attrs" => html::mark_safe("href=\"http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html\" target=\"_blank\"", "apache_attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride\" target=\"_blank\""))) ?>
     
   
   
-  
+
   
-  
+
   
     
     
@@ -45,11 +46,11 @@
     
     

       
-    	title) ?>
+        title) ?>
       
     
   
-  
+
   
     
   
diff --git a/modules/gallery/views/simple_uploader.html.php b/modules/gallery/views/simple_uploader.html.php
index ccb166fc..9cf554ec 100644
--- a/modules/gallery/views/simple_uploader.html.php
+++ b/modules/gallery/views/simple_uploader.html.php
@@ -82,22 +82,22 @@
 
 
diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php
index 2ed8c38e..3b1ff92c 100644
--- a/themes/admin_default/views/admin.html.php
+++ b/themes/admin_default/views/admin.html.php
@@ -23,7 +23,7 @@
    script("gallery.common.js") ?>
    
    
    script("gallery.ajax.js") ?>
    script("gallery.dialog.js") ?>
diff --git a/themes/default/views/page.html.php b/themes/default/views/page.html.php
index 844ef295..2696442b 100644
--- a/themes/default/views/page.html.php
+++ b/themes/default/views/page.html.php
@@ -12,7 +12,7 @@
           item()->is_album()): ?>
            $theme->item()->title)) ?>
           item()->is_photo()): ?>
-	   $theme->item()->title)) ?>
+           $theme->item()->title)) ?>
           
            $theme->item()->title)) ?>
           
@@ -51,7 +51,7 @@
     script("gallery.common.js") ?>
     
     
     script("gallery.ajax.js") ?>
     script("gallery.dialog.js") ?>
diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php
index 00e157ce..5289b467 100644
--- a/themes/default/views/photo.html.php
+++ b/themes/default/views/photo.html.php
@@ -5,7 +5,7 @@

title) ?>

title) ?>

title)->purified_html() ?>

title) ?>

title) ?>

name ?>

p::purify($item->title))) ?>

SafeString::purify($item->title))) ?>

title)->purified_html() ?>

title) ?>

title) ?>

title) ?>

title) ?>

title) ?>

SafeString::purify($album->title))) ?>

html::purify($album->title))) ?>

SafeString::purify($item->title))) ?>

html::purify($item->title))) ?>

- name) ?> + name) ?> special): ?> id") ?>" title=" $group->name)) ?>" @@ -17,7 +17,7 @@ users as $i => $user): ?>

title) ?>

title) ?>

title) ?>

title) ?>

title) ?>

title) ?>

title) ?>

title) ?>