stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-05-20 11:29:24 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
c8397c5d375cd2c80b21ca7281a44fbda9bd2d66
gallery3/modules/watermark/controllers/admin_watermarks.php

154 lines
6.3 KiB
PHP
Raw Normal View History

Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
<?php defined("SYSPATH") or die("No direct script access.");
/**
* Gallery - a web based photo album viewer and editor
Update copyright to 2013. Fixes #1953.
2013-01-21 01:22:01 -05:00
* Copyright (C) 2000-2013 Bharat Mediratta
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
Step 1 of converting watermarks over to be an admin page.
2008-12-23 00:13:22 +00:00
class Admin_Watermarks_Controller extends Admin_Controller {
Allow the site admin to upload watermark images. Can't do much with them yet.
2008-12-23 01:29:17 +00:00
public function index() {
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
$name = module::get_var("watermark", "name");
1) Remove the load watermark from the scaffolding... use the menu option 2) The set watermark dialog is now sizing properly. @todo is recenter in the window
2008-12-16 17:30:18 +00:00
Normalize our Admin controllers so that functions always print out their results, as opposed to having them return their view back upstream. This is a little more code in every controller, but it's much less magical and more consistent. Look up the active_theme and active_admin_theme inside the view itself, no need to do that in the controllers. This makes view initialization easier in the controllers.
2008-12-24 04:22:22 +00:00
$view = new Admin_View("admin.html");
Add page_title to admin views. Closes #1038.
2010-04-30 00:08:37 -06:00
$view->page_title = t("Watermarks");
Normalize our Admin controllers so that functions always print out their results, as opposed to having them return their view back upstream. This is a little more code in every controller, but it's much less magical and more consistent. Look up the active_theme and active_admin_theme inside the view itself, no need to do that in the controllers. This makes view initialization easier in the controllers.
2008-12-24 04:22:22 +00:00
$view->content = new View("admin_watermarks.html");
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
if ($name) {
More watermark changes: Change admin/watermarks/upload -> admin/watermarks/add for consistency. Internationalize position text, store it as text in the database, display it to the admin. Make i18n strings consistent to reduce l10n load.
2008-12-26 04:34:20 +00:00
$view->content->name = module::get_var("watermark", "name");
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
$view->content->url = url::file("var/modules/watermark/$name");
More watermark changes: Change admin/watermarks/upload -> admin/watermarks/add for consistency. Internationalize position text, store it as text in the database, display it to the admin. Make i18n strings consistent to reduce l10n load.
2008-12-26 04:34:20 +00:00
$view->content->width = module::get_var("watermark", "width");
$view->content->height = module::get_var("watermark", "height");
$view->content->position = module::get_var("watermark", "position");
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
Normalize our Admin controllers so that functions always print out their results, as opposed to having them return their view back upstream. This is a little more code in every controller, but it's much less magical and more consistent. Look up the active_theme and active_admin_theme inside the view itself, no need to do that in the controllers. This makes view initialization easier in the controllers.
2008-12-24 04:22:22 +00:00
print $view;
1) Remove the load watermark from the scaffolding... use the menu option 2) The set watermark dialog is now sizing properly. @todo is recenter in the window
2008-12-16 17:30:18 +00:00
}
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
public function form_edit() {
Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers.
2010-07-31 21:16:17 -07:00
print watermark::get_edit_form();
Add edit/delete links (they're just stubs now, but they open a dialog). Add active/position to Watermark_Model
2008-12-25 22:31:20 +00:00
}
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
public function edit() {
Security pass over all controller code. Mostly adding CSRF checking and verifying user permissions, but there are several above-the-bar changes: 1) Server add is now only available to admins. This is a hard requirement because we have to limit server access (eg: server_add::children) to a user subset and the current permission model doesn't include that. Easiest fix is to restrict to admins. Got rid of the server_add permission. 2) We now know check permissions at every level, which means in controllers AND in helpers. This "belt and suspenders" approach will give us defense in depth in case we overlook it in one area. 3) We now do CSRF checking in every controller method that changes the code, in addition to the Forge auto-check. Again, defense in depth and it makes scanning the code for security much simpler. 4) Moved Simple_Uploader_Controller::convert_filename_to_title to item:convert_filename_to_title 5) Fixed a bug in sending notification emails. 6) Fixed the Organize code to verify that you only have access to your own tasks. In general, added permission checks to organize which had pretty much no validation code. I did my best to verify every feature that I touched.
2009-06-01 22:40:22 -07:00
access::verify_csrf();
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
$form = watermark::get_edit_form();
if ($form->validate()) {
Add transparency support
2008-12-29 22:30:19 +00:00
module::set_var("watermark", "position", $form->edit_watermark->position->value);
module::set_var("watermark", "transparency", $form->edit_watermark->transparency->value);
Clean up _update_graphics_rules() to make it more robust
2008-12-29 20:17:24 +00:00
$this->_update_graphics_rules();
Added graphics::mark_all_dirty(). The watermark code now marks images as dirty if the admin changes the watermark at all.
2008-12-26 04:52:18 +00:00
i18n refactoring: Rename all _() (reserved by gettext) calls to t(). - And refactor printf to our string interpolation / pluralization syntax - Also, a slight change to the translations_incomings table, using binary(16) instead of char(32) as message key.
2009-01-08 17:13:06 +00:00
log::success("watermark", t("Watermark changed"));
message::success(t("Watermark changed"));
More patches as part of #1225. Change the 'core' modules to use the json::reply method to set the content type header and encode the response as a json object
2010-07-21 21:30:13 -07:00
json::reply(
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
array("result" => "success",
"location" => url::site("admin/watermarks")));
} else {
Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers.
2010-07-31 21:16:17 -07:00
json::reply(array("result" => "error", "html" => (string)$form));
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
#2022 - Fix handling of watermark dialog errors. - admin_watermarks: changed header at end of form_add() from text/html to text/plain - admin_watermarks: added header at end of form_edit() and form_delete() just like form_add() (currently omitted) - admin_watermarks/gallery.dialog.js: removed unnecessary encode/decode workaround
2013-02-27 09:49:05 +01:00
// Override the application/json mime type for iframe compatibility. See ticket #2022.
header("Content-Type: text/plain; charset=" . Kohana::CHARSET);
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
public function form_delete() {
Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers.
2010-07-31 21:16:17 -07:00
print watermark::get_delete_form();
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
public function delete() {
Security pass over all controller code. Mostly adding CSRF checking and verifying user permissions, but there are several above-the-bar changes: 1) Server add is now only available to admins. This is a hard requirement because we have to limit server access (eg: server_add::children) to a user subset and the current permission model doesn't include that. Easiest fix is to restrict to admins. Got rid of the server_add permission. 2) We now know check permissions at every level, which means in controllers AND in helpers. This "belt and suspenders" approach will give us defense in depth in case we overlook it in one area. 3) We now do CSRF checking in every controller method that changes the code, in addition to the Forge auto-check. Again, defense in depth and it makes scanning the code for security much simpler. 4) Moved Simple_Uploader_Controller::convert_filename_to_title to item:convert_filename_to_title 5) Fixed a bug in sending notification emails. 6) Fixed the Organize code to verify that you only have access to your own tasks. In general, added permission checks to organize which had pretty much no validation code. I did my best to verify every feature that I touched.
2009-06-01 22:40:22 -07:00
access::verify_csrf();
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
$form = watermark::get_delete_form();
if ($form->validate()) {
Protect admins from themselves - in case an admin changed the watermark.name setting to something terrible by accident via Admin > Advanced, we'll just use the basename. Fixes #1977.
2013-01-30 18:45:49 -05:00
if ($name = basename(module::get_var("watermark", "name"))) {
#2006 - Add system::mark_file_for_delete API to delete files at shutdown. - added system::mark_file_for_delete to be called to mark a file - added system::delete_marked_files to be called at shutdown to delete the list - amended system::temp_filename to, by default, add the temp name to the list - updated a few other places in code where this should be used
2013-02-17 23:19:35 +01:00
system::delete_later(VARPATH . "modules/watermark/$name");
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
module::clear_var("watermark", "name");
module::clear_var("watermark", "width");
module::clear_var("watermark", "height");
module::clear_var("watermark", "mime_type");
module::clear_var("watermark", "position");
Added the concept of "permanent" messages that we show to admins. Use this to show a "your thumbs/resizes are out of date" message whenever we change the graphics rules. Tweak watermark module to add graphics rules whenever we make a change, which triggers the graphics module to add the permanent message.
2008-12-26 05:43:06 +00:00
$this->_update_graphics_rules();
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
i18n refactoring: Rename all _() (reserved by gettext) calls to t(). - And refactor printf to our string interpolation / pluralization syntax - Also, a slight change to the translations_incomings table, using binary(16) instead of char(32) as message key.
2009-01-08 17:13:06 +00:00
log::success("watermark", t("Watermark deleted"));
message::success(t("Watermark deleted"));
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
More patches as part of #1225. Change the 'core' modules to use the json::reply method to set the content type header and encode the response as a json object
2010-07-21 21:30:13 -07:00
json::reply(array("result" => "success", "location" => url::site("admin/watermarks")));
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
} else {
Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers.
2010-07-31 21:16:17 -07:00
json::reply(array("result" => "error", "html" => (string)$form));
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
#2022 - Fix handling of watermark dialog errors. - admin_watermarks: changed header at end of form_add() from text/html to text/plain - admin_watermarks: added header at end of form_edit() and form_delete() just like form_add() (currently omitted) - admin_watermarks/gallery.dialog.js: removed unnecessary encode/decode workaround
2013-02-27 09:49:05 +01:00
// Override the application/json mime type for iframe compatibility. See ticket #2022.
header("Content-Type: text/plain; charset=" . Kohana::CHARSET);
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
}
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
More watermark changes: Change admin/watermarks/upload -> admin/watermarks/add for consistency. Internationalize position text, store it as text in the database, display it to the admin. Make i18n strings consistent to reduce l10n load.
2008-12-26 04:34:20 +00:00
public function form_add() {
Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers.
2010-07-31 21:16:17 -07:00
print watermark::get_add_form();
More watermark changes: Change admin/watermarks/upload -> admin/watermarks/add for consistency. Internationalize position text, store it as text in the database, display it to the admin. Make i18n strings consistent to reduce l10n load.
2008-12-26 04:34:20 +00:00
}
public function add() {
Security pass over all controller code. Mostly adding CSRF checking and verifying user permissions, but there are several above-the-bar changes: 1) Server add is now only available to admins. This is a hard requirement because we have to limit server access (eg: server_add::children) to a user subset and the current permission model doesn't include that. Easiest fix is to restrict to admins. Got rid of the server_add permission. 2) We now know check permissions at every level, which means in controllers AND in helpers. This "belt and suspenders" approach will give us defense in depth in case we overlook it in one area. 3) We now do CSRF checking in every controller method that changes the code, in addition to the Forge auto-check. Again, defense in depth and it makes scanning the code for security much simpler. 4) Moved Simple_Uploader_Controller::convert_filename_to_title to item:convert_filename_to_title 5) Fixed a bug in sending notification emails. 6) Fixed the Organize code to verify that you only have access to your own tasks. In general, added permission checks to organize which had pretty much no validation code. I did my best to verify every feature that I touched.
2009-06-01 22:40:22 -07:00
access::verify_csrf();
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
$form = watermark::get_add_form();
#1970 - Make add watermarks more secure and add unit tests. This follows #1855 and #1951... - Ensured that invalid or illegal files are not added even if they have valid extensions. - Added unit tests (currently there aren't any...)
2013-01-29 18:48:39 +01:00
// For TEST_MODE, we want to simulate a file upload. Because this is not a true upload, Forge's
// validation logic will correctly reject it. So, we skip validation when we're running tests.
if (TEST_MODE || $form->validate()) {
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
$file = $_POST["file"];
// Forge prefixes files with "uploadfile-xxxxxxx" for uniqueness
#2001 - Make filename sanitizing more consistent. - legal_file - added sanitize_filname() to sanitize photo/movie filenames. - admin_watermarks - revised add() to use new function. - item model - added _process_data_file_info() to validate the data file, get its metadata, and sanitize the item name. - item model - revised save() for new items to use _process_data_file_info *before* the slug is checked. - item model - revised save() for updated items to use _process_data_file_info. - item model - revised save() for updated items to sanitize name if changed. - uploader - removed call to smash_extensions (item model does this when it calls sanitize_filename). - Legal_File_Helper_Test - added unit tests for sanitize_filename. - Item_Model_Test - revised existing unit tests based on changes. - Item_Model_Test - added new unit tests for names with legal but incorrect extensions. - Averted take over by HAL with fix #2001...
2013-02-12 00:37:33 +01:00
$name = preg_replace("/uploadfile-[^-]+-(.*)/", '$1', basename($file));
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
#1994 - Make get_file_metadata throw an exception if photo or movie is unidentifiable/illegal. - photo & movie helpers: modified to throw exceptions when file is known to be unidentifiable/illegal. - item model: revised to work with exceptions and be more explicit when the data file is invalid. - item model: removed duplicate get_file_metadata call for updated items. - admin_watermarks controller: revised to work with exceptions (really cleans up logic here). - graphics helper: revised to handle invalid placeholders (a nearly-impossible corner case, but still...). - photo & movie helper tests: revised to work with exceptions, added new tests for illegal files with valid extensions. - item model tests: revised to work with exceptions, added new tests for illegal files with valid extensions.
2013-02-08 13:51:41 +01:00
try {
list ($width, $height, $mime_type, $extension) = photo::get_file_metadata($file);
#2001 - Make filename sanitizing more consistent. - legal_file - added sanitize_filname() to sanitize photo/movie filenames. - admin_watermarks - revised add() to use new function. - item model - added _process_data_file_info() to validate the data file, get its metadata, and sanitize the item name. - item model - revised save() for new items to use _process_data_file_info *before* the slug is checked. - item model - revised save() for updated items to use _process_data_file_info. - item model - revised save() for updated items to sanitize name if changed. - uploader - removed call to smash_extensions (item model does this when it calls sanitize_filename). - Legal_File_Helper_Test - added unit tests for sanitize_filename. - Item_Model_Test - revised existing unit tests based on changes. - Item_Model_Test - added new unit tests for names with legal but incorrect extensions. - Averted take over by HAL with fix #2001...
2013-02-12 00:37:33 +01:00
// Sanitize filename, which ensures a valid extension. This renaming prevents the issues
#1951 - Make metadata generation more flexible (photo and movie helpers). - added photo_get_file_metadata and movie_get_file_metadata events - modified photo::get_file_metadata and movie::get_file_metadata to use them - ensure that non-readable files throw exceptions - redirected other photo metadata calls in core to photo::get_file_metadata (the helper function already exists, but in many places getimagesize is still called directly) - added some unit tests (neither of the functions above had one)
2013-01-26 00:04:55 +01:00
// addressed in ticket #1855, where an image that looked valid (header said jpg) with a
// php extension was previously accepted without changing its extension.
#2001 - Make filename sanitizing more consistent. - legal_file - added sanitize_filname() to sanitize photo/movie filenames. - admin_watermarks - revised add() to use new function. - item model - added _process_data_file_info() to validate the data file, get its metadata, and sanitize the item name. - item model - revised save() for new items to use _process_data_file_info *before* the slug is checked. - item model - revised save() for updated items to use _process_data_file_info. - item model - revised save() for updated items to sanitize name if changed. - uploader - removed call to smash_extensions (item model does this when it calls sanitize_filename). - Legal_File_Helper_Test - added unit tests for sanitize_filename. - Item_Model_Test - revised existing unit tests based on changes. - Item_Model_Test - added new unit tests for names with legal but incorrect extensions. - Averted take over by HAL with fix #2001...
2013-02-12 00:37:33 +01:00
$name = legal_file::sanitize_filename($name, $extension, "photo");
#1994 - Make get_file_metadata throw an exception if photo or movie is unidentifiable/illegal. - photo & movie helpers: modified to throw exceptions when file is known to be unidentifiable/illegal. - item model: revised to work with exceptions and be more explicit when the data file is invalid. - item model: removed duplicate get_file_metadata call for updated items. - admin_watermarks controller: revised to work with exceptions (really cleans up logic here). - graphics helper: revised to handle invalid placeholders (a nearly-impossible corner case, but still...). - photo & movie helper tests: revised to work with exceptions, added new tests for illegal files with valid extensions. - item model tests: revised to work with exceptions, added new tests for illegal files with valid extensions.
2013-02-08 13:51:41 +01:00
} catch (Exception $e) {
message::error(t("Invalid or unidentifiable image file"));
#2006 - Add system::mark_file_for_delete API to delete files at shutdown. - added system::mark_file_for_delete to be called to mark a file - added system::delete_marked_files to be called at shutdown to delete the list - amended system::temp_filename to, by default, add the temp name to the list - updated a few other places in code where this should be used
2013-02-17 23:19:35 +01:00
system::delete_later($file);
#1994 - Make get_file_metadata throw an exception if photo or movie is unidentifiable/illegal. - photo & movie helpers: modified to throw exceptions when file is known to be unidentifiable/illegal. - item model: revised to work with exceptions and be more explicit when the data file is invalid. - item model: removed duplicate get_file_metadata call for updated items. - admin_watermarks controller: revised to work with exceptions (really cleans up logic here). - graphics helper: revised to handle invalid placeholders (a nearly-impossible corner case, but still...). - photo & movie helper tests: revised to work with exceptions, added new tests for illegal files with valid extensions. - item model tests: revised to work with exceptions, added new tests for illegal files with valid extensions.
2013-02-08 13:51:41 +01:00
return;
Inject some sanity into watermark file extensions.
2012-05-11 14:34:27 -07:00
}
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
rename($file, VARPATH . "modules/watermark/$name");
module::set_var("watermark", "name", $name);
#1951 - Make metadata generation more flexible (photo and movie helpers). - added photo_get_file_metadata and movie_get_file_metadata events - modified photo::get_file_metadata and movie::get_file_metadata to use them - ensure that non-readable files throw exceptions - redirected other photo metadata calls in core to photo::get_file_metadata (the helper function already exists, but in many places getimagesize is still called directly) - added some unit tests (neither of the functions above had one)
2013-01-26 00:04:55 +01:00
module::set_var("watermark", "width", $width);
module::set_var("watermark", "height", $height);
module::set_var("watermark", "mime_type", $mime_type);
Add transparency support
2008-12-29 22:30:19 +00:00
module::set_var("watermark", "position", $form->add_watermark->position->value);
module::set_var("watermark", "transparency", $form->add_watermark->transparency->value);
Clean up _update_graphics_rules() to make it more robust
2008-12-29 20:17:24 +00:00
$this->_update_graphics_rules();
#2006 - Add system::mark_file_for_delete API to delete files at shutdown. - added system::mark_file_for_delete to be called to mark a file - added system::delete_marked_files to be called at shutdown to delete the list - amended system::temp_filename to, by default, add the temp name to the list - updated a few other places in code where this should be used
2013-02-17 23:19:35 +01:00
system::delete_later($file);
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
i18n refactoring: Rename all _() (reserved by gettext) calls to t(). - And refactor printf to our string interpolation / pluralization syntax - Also, a slight change to the translations_incomings table, using binary(16) instead of char(32) as message key.
2009-01-08 17:13:06 +00:00
message::success(t("Watermark saved"));
log::success("watermark", t("Watermark saved"));
More patches as part of #1225. Change the 'core' modules to use the json::reply method to set the content type header and encode the response as a json object
2010-07-21 21:30:13 -07:00
json::reply(array("result" => "success", "location" => url::site("admin/watermarks")));
Simplify the watermark module. We can now upload, edit and delete one watermark. The UI is rough and we don't yet apply the watermark to images.. that's next.
2008-12-26 01:32:12 +00:00
} else {
#2022 - Fix handling of watermark dialog errors. - admin_watermarks: changed header at end of form_add() from text/html to text/plain - admin_watermarks: added header at end of form_edit() and form_delete() just like form_add() (currently omitted) - admin_watermarks/gallery.dialog.js: removed unnecessary encode/decode workaround
2013-02-27 09:49:05 +01:00
json::reply(array("result" => "error", "html" => (string)$form));
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
}
#2022 - Fix handling of watermark dialog errors. - admin_watermarks: changed header at end of form_add() from text/html to text/plain - admin_watermarks: added header at end of form_edit() and form_delete() just like form_add() (currently omitted) - admin_watermarks/gallery.dialog.js: removed unnecessary encode/decode workaround
2013-02-27 09:49:05 +01:00
// Override the application/json mime type for iframe compatibility. See ticket #2022.
header("Content-Type: text/plain; charset=" . Kohana::CHARSET);
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
}
Added the concept of "permanent" messages that we show to admins. Use this to show a "your thumbs/resizes are out of date" message whenever we change the graphics rules. Tweak watermark module to add graphics rules whenever we make a change, which triggers the graphics module to add the permanent message.
2008-12-26 05:43:06 +00:00
Clean up _update_graphics_rules() to make it more robust
2008-12-29 20:17:24 +00:00
private function _update_graphics_rules() {
Added the concept of "permanent" messages that we show to admins. Use this to show a "your thumbs/resizes are out of date" message whenever we change the graphics rules. Tweak watermark module to add graphics rules whenever we make a change, which triggers the graphics module to add the permanent message.
2008-12-26 05:43:06 +00:00
graphics::remove_rules("watermark");
Clean up _update_graphics_rules() to make it more robust
2008-12-29 20:17:24 +00:00
if ($name = module::get_var("watermark", "name")) {
Add the graphics rules for both thumbs and resizes (instead of just thumbs).
2008-12-26 05:44:02 +00:00
foreach (array("thumb", "resize") as $target) {
graphics::add_rule(
This path requires the upgrader to be run and applies the following changes: * moves the composite method back into core * requires that the operation be fully qualified i.e. gallery_graphics::resize * caches the graphics rules on each request
2009-09-27 15:24:51 -07:00
"watermark", $target, "gallery_graphics::composite",
Clean up _update_graphics_rules() to make it more robust
2008-12-29 20:17:24 +00:00
array("file" => VARPATH . "modules/watermark/$name",
"width" => module::get_var("watermark", "width"),
"height" => module::get_var("watermark", "height"),
Add transparency support
2008-12-29 22:30:19 +00:00
"position" => module::get_var("watermark", "position"),
Fix the logical inversion of the transparency field. Now, 100% is max transparency and 1% is min transparency (no transparency at all). Fixes ticket #204.
2009-05-13 00:09:43 +00:00
"transparency" => 101 - module::get_var("watermark", "transparency")),
Add the graphics rules for both thumbs and resizes (instead of just thumbs).
2008-12-26 05:44:02 +00:00
1000);
}
Added the concept of "permanent" messages that we show to admins. Use this to show a "your thumbs/resizes are out of date" message whenever we change the graphics rules. Tweak watermark module to add graphics rules whenever we make a change, which triggers the graphics module to add the permanent message.
2008-12-26 05:43:06 +00:00
}
}
Start of the dialog to specify the watermark placement. For convience, using the imagemagik nomicalture regarding watermark locations (east, west, center, etc.) You can drag the watermark around but it doesn't stay in place. Need to figure out how to resize the dialog box and all of the supporting javascript
2008-12-15 23:08:18 +00:00
}
Reference in New Issue Copy Permalink