stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-05-20 11:29:24 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
b42fcb9cda4dafdb9db86770f54965b3fb2fc7ab
gallery3/modules/digibug/controllers/digibug.php

121 lines
4.0 KiB
PHP
Raw Normal View History

Fix preamble so tests pass
2009-06-22 06:03:55 -07:00
<?php defined("SYSPATH") or die("No direct script access.");
/**
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
* Gallery - a web based photo album viewer and editor
Update the copyright to 2010. It's only 3 months into the year :-)
2010-03-03 10:15:34 -08:00
* Copyright (C) 2000-2010 Bharat Mediratta
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class Digibug_Controller extends Controller {
Create a way for controllers to exempty themselves from maintenance mode and private gallery mode by setting the following constants in the controller to true. ALLOW_MAINTENANCE_MODE ALLOW_PRIVATE_GALLERY Fixes #1411 and the subsequent refactoring fixes #1551 as well.
2010-12-23 23:34:04 -08:00
const ALLOW_PRIVATE_GALLERY = true;
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
public function print_photo($id) {
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
access::verify_csrf();
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
$item = ORM::factory("item", $id);
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
access::required("view", $item);
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
Change the name of identity library from Identity to IdentityProvider. Create a helper class called identity to simplify call the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class
2009-10-22 13:09:20 -07:00
if (access::group_can(identity::everybody(), "view_full", $item)) {
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
$full_url = $item->file_url(true);
$thumb_url = $item->thumb_url(true);
} else {
$proxy = ORM::factory("digibug_proxy");
Consolidate all the random code into a random helper that offers: random::hash() random::string() random::percent() random::int() So that we don't have lots of different ways to get random values all over the code. Follow-on to #1527.
2010-12-15 14:57:00 -08:00
$proxy->uuid = random::hash();
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
$proxy->item_id = $item->id;
$proxy->save();
$full_url = url::abs_site("digibug/print_proxy/full/$proxy->uuid");
$thumb_url = url::abs_site("digibug/print_proxy/thumb/$proxy->uuid");
}
1) Rename the basic_company_id and basic_event_id to default_*_id 2) Removed the tabs on the digibug admin page word count is now at 35. 3) Added a default link which resets the event and company id's to gallery's ids
2009-06-25 21:41:54 -07:00
This implements the Digibug printing. When a a print request is made the digibug shopping cart is opened in a new window. When the cart is emptied, the window is closed. Users can close the window by pressing the continue shopping button
2009-06-23 22:13:28 -07:00
$v = new View("digibug_form.html");
Fix #992: Digibug pops up a blank page and doesn't allow printing form::hidden() changed in K24 breaking this. Also fixed the spelling of "$order_params"
2010-01-30 16:05:20 -08:00
$v->order_params = array(
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
"digibug_api_version" => "100",
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
"company_id" => module::get_var("digibug", "company_id"),
"event_id" => module::get_var("digibug", "event_id"),
Create a maintenance task that allows the administrator to remove any proxy requests that are still active after 10 days. Digibug requires that the image be available for 5 days, so we'll give them an extra 5 days. Also correct a few issues with the protocol.
2009-06-24 13:11:53 -07:00
"cmd" => "addimg",
Add the partner id to the message being sent to digibug
2009-07-01 18:01:15 -07:00
"partner_code" => "69",
This implements the Digibug printing. When a a print request is made the digibug shopping cart is opened in a new window. When the cart is emptied, the window is closed. Users can close the window by pressing the continue shopping button
2009-06-23 22:13:28 -07:00
"return_url" => url::abs_site("digibug/close_window"),
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
"num_images" => "1",
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
"image_1" => $full_url,
"thumb_1" => $thumb_url,
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
"image_height_1" => $item->height,
"image_width_1" => $item->width,
"thumb_height_1" => $item->thumb_height,
"thumb_width_1" => $item->thumb_width,
Update all code to use helper method html::clean(), html::purify(), ... instead of SafeString directly.
2009-08-29 22:54:20 -07:00
"title_1" => html::purify($item->title));
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
This implements the Digibug printing. When a a print request is made the digibug shopping cart is opened in a new window. When the cart is emptied, the window is closed. Users can close the window by pressing the continue shopping button
2009-06-23 22:13:28 -07:00
print $v;
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
}
Fix preamble so tests pass
2009-06-22 06:03:55 -07:00
Rename $id --> $uuid for clarity.
2009-12-21 16:40:18 -08:00
public function print_proxy($type, $uuid) {
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
// If its a request for the full size then make sure we are coming from an
// authorized address
if ($type == "full") {
Updates for the latest version of Kohana 2.4: 1) Controller::$input is gone -- use Input::instance() now 2) Handle new 'database.<default>.connection.params' parameter 3) Handle new 'cache.<default>.prefix' parameter
2009-12-21 21:27:43 -08:00
$remote_addr = ip2long(Input::instance()->server("REMOTE_ADDR"));
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
if ($remote_addr === false) {
Kohana::show_404() -> throw new Kohana_404_Exception()
2009-11-25 13:49:40 -08:00
throw new Kohana_404_Exception();
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
}
$config = Kohana::config("digibug");
$authorized = false;
foreach ($config["ranges"] as $ip_range) {
$low = ip2long($ip_range["low"]);
$high = ip2long($ip_range["high"]);
$authorized = $low !== false && $high !== false &&
$low <= $remote_addr && $remote_addr <= $high;
if ($authorized) {
break;
}
}
if (!$authorized) {
Kohana::show_404() -> throw new Kohana_404_Exception()
2009-11-25 13:49:40 -08:00
throw new Kohana_404_Exception();
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
}
}
Rename $id --> $uuid for clarity.
2009-12-21 16:40:18 -08:00
$proxy = ORM::factory("digibug_proxy")->where("uuid", "=", $uuid)->find();
Preliminary work to cut over to Kohana 2.4 - Kohana::log() -> Kohana_Log::add() - Kohana::config_XXX -> Kohana_Config::instance()->XXX - Implement View::set_global in MY_View - Updated Cache_Database_Driver to latest APIs - ORM::$loaded -> ORM::loaded() - Updated item::viewable() to use K2.4 parenthesization
2009-11-25 13:22:24 -08:00
if (!$proxy->loaded() || !$proxy->item->loaded()) {
Kohana::show_404() -> throw new Kohana_404_Exception()
2009-11-25 13:49:40 -08:00
throw new Kohana_404_Exception();
This change implements the print_proxy method. This method allows a 1 time security bypass for the remote print processor to retrieve the fullsize image.
2009-06-23 06:06:33 -07:00
}
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
$file = $type == "full" ? $proxy->item->file_path() : $proxy->item->thumb_path();
This change implements the print_proxy method. This method allows a 1 time security bypass for the remote print processor to retrieve the fullsize image.
2009-06-23 06:06:33 -07:00
if (!file_exists($file)) {
Convert a bunch of leftover kohana::show_404 calls to throw Kohana_404_Exception instead. These are the ones where we used a lower-case 'k' so my previous filter didn't catch it.
2009-12-23 20:51:33 -08:00
throw new Kohana_404_Exception();
This change implements the print_proxy method. This method allows a 1 time security bypass for the remote print processor to retrieve the fullsize image.
2009-06-23 06:06:33 -07:00
}
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
// We don't need to save the session for this request
Fix lots of warnings that pop up when we're in E_STRICT mode. They're mostly issues around uninitialized variables, calling non-static functions in a static context, calling Session functions directly instead of on its singleton, passing non-variables by reference, and subclasses not using the same interface as the parent class.
2010-01-31 16:07:41 -08:00
Session::instance()->abort_save();
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
if (!TEST_MODE) {
// Dump out the image
Fix a bug in the way we set the mime type for protected image renders. Also whitelist the digibug controller so that it's accessible when the gallery is private, and don't expire old proxies right away since Digibug may request the full size multiple times for different preview operations. Fixes ticket #1410.
2010-10-01 21:17:08 -07:00
header("Content-Type: {$proxy->item->mime_type}");
Fix for ticket #502 This patch allows users with only view permission to request fullsize prints using Digibug. There is now a Digibug config file that contains the IP ranges of the Digibug servers. Any request for the full size image via the print proxy must come from within the ranges in the config file. The reason for the "if (!Test_Mode) {..." is that the print proxy makes a call to Kohana::close_buffers, which closes all the output buffers and then we see the image download on the console which messes up the test output.
2009-07-23 07:02:10 -07:00
Kohana::close_buffers(false);
$fd = fopen($file, "rb");
fpassthru($fd);
fclose($fd);
This change implements the print_proxy method. This method allows a 1 time security bypass for the remote print processor to retrieve the fullsize image.
2009-06-23 06:06:33 -07:00
}
Digibug simplification cleanup. Upgrade digibug module to version 2. 1) Simplify the admin settings page to what most of our users want. Eliminate basic_ and default_ ids. We just have company_id and default_id. Advanced users can use advanced settings for now. 2) Fix security in print_photos (didn't get it right in my last commit) 3) Use the regular thumb and full urls if the images are publicly available to reduce load on the proxy. 4) Simplify proxy expiration code. 5) Eliminate all specialized styles from the admin theme.
2009-06-27 15:55:47 -07:00
$this->_clean_expired();
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
}
This commit moves a little further along the path: 1) moves the print button from the quick pane to thumb_bottom 2) Creates an entry into the proxy table
2009-06-22 21:51:22 -07:00
This implements the Digibug printing. When a a print request is made the digibug shopping cart is opened in a new window. When the cart is emptied, the window is closed. Users can close the window by pressing the continue shopping button
2009-06-23 22:13:28 -07:00
public function close_window() {
print "<script type=\"text/javascript\">window.close();</script>";
}
Remove the digibug maintenance task. Expired imges will be removed when the print_proxy is run.
2009-06-25 19:58:14 -07:00
private function _clean_expired() {
Convert a database query.
2009-12-13 17:03:07 -08:00
db::build()
->delete("digibug_proxies")
Use db::expr instead of "new Database_Expression". Resolves #1560.
2010-12-28 23:10:05 -08:00
->where("request_date", "<=", db::expr("(CURDATE() - INTERVAL 10 DAY)"))
Convert a database query.
2009-12-13 17:03:07 -08:00
->limit(20)
->execute();
Remove the digibug maintenance task. Expired imges will be removed when the print_proxy is run.
2009-06-25 19:58:14 -07:00
}
The start of the digibug printing module. The first cut at the administration panels. <Caution:> This is still a work in progress.
2009-06-21 08:52:26 -07:00
}
Reference in New Issue Copy Permalink