From 4d3cb760deead35d070b2277e5e564623de7fa23 Mon Sep 17 00:00:00 2001 From: Chad Kieffer Date: Fri, 5 Jun 2009 01:14:09 -0600 Subject: [PATCH 01/13] Move watch notification menu from the view menu to under the Options menu. --- .../notification/helpers/notification_menu.php | 16 +++++++++------- themes/default/images/ico-notify-add.png | Bin 1469 -> 0 bytes themes/default/images/ico-notify-remove.png | Bin 1500 -> 0 bytes 3 files changed, 9 insertions(+), 7 deletions(-) delete mode 100644 themes/default/images/ico-notify-add.png delete mode 100644 themes/default/images/ico-notify-remove.png diff --git a/modules/notification/helpers/notification_menu.php b/modules/notification/helpers/notification_menu.php index 87927874..696aad62 100644 --- a/modules/notification/helpers/notification_menu.php +++ b/modules/notification/helpers/notification_menu.php @@ -18,19 +18,21 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class notification_menu_Core { - static function album($menu, $theme) { + static function site($menu, $theme) { if (!user::active()->guest) { $item = $theme->item(); - - if ($item) { + + if ($item && $item->is_album()) { $watching = notification::is_watching($item); - $menu + $watching ? $label = t("Remove notifications") : $label = t("Enable notifications"); + + $menu->get("options_menu") ->append(Menu::factory("link") ->id("watch") - ->label(t("Enable notifications for this album")) - ->url(url::site("notification/watch/$item->id?csrf=" . access::csrf_token())) - ->css_id($watching ? "gRemoveNotifyLink" : "gAddNotifyLink")); + ->label($label) + ->css_id("gNotifyLink") + ->url(url::site("notification/watch/$item->id?csrf=" . access::csrf_token()))); } } } diff --git a/themes/default/images/ico-notify-add.png b/themes/default/images/ico-notify-add.png deleted file mode 100644 index 937bfd4faebbc7366e66a90d09355cf74560442a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1469 zcmds$=~Gh&0K}gcMFg}|r%-574i&9OX;ErXg9D?WL?M*w$Y`JmVu3~w4@8t`GrK$c{kPc{;HT|uzOexSz%J-a zK$xZ7EOxfuV9A3}OR1$cUh@y}2LLvQb^fBaWjiGYUQ9+{Vv_GfC7}U-6eb$IGbkbI z8afOeg-S`JqWu71{gn&n!UH33mz30XFR!c^Omm+elnWpXJ%$hCX+-WSz20>%jE)r zp!mf6S1Ds(LY-Byc3gAy|}oD$lF`e zhBF$Cmy!xapwv9Scrp|{$(Kz{O>sCJkw}zY`YNA-qS0t97HfEnr-bxJQ2lpRYd@J$`jF7Py1ItCU&iN87xrFLX=WjvVM?Tst8@a9 z_*QOhW;b$@GuhrpHJVKLR;&inV4I_K`q`}VH&4k~Dz&=0rRNR1SSpjrq_T&_jRK(n z6oVir7K37qR&%eQuCV8iiHV6$R)t!n{;lx9%F4>8@rk@%G@s9hAT_yXh}1-B?)s=w zsZS=lr4t%Qs8p?1$Dih_)oS{r=mEZAghs1rdq=0!)9?+^xxsbqgS~^FAPAC5r8l!* zBxXH-!z|M4bvzzVrkIJzLGie}TuQV^3@VgLonGJdo}NU!GDKqtMZ(q9)tG|wO&xFV z7uLV-p)#4wmu(bs*E=Q;9FtR`a)Py5twg3^FqosGqYMT^sZh3dz1L~A3Wc(RReC4C z{#@!0VzHRZp=rJ#4c{o1 z$fQ!)_}G|GqSWbhF%SN-;1tz^*=oUYBsmO@u+0C50Q&R+uH`>lg97}+@A9I3gSH(O z5y8;i4IWv-f}&zV@U&r}B#Q!UhO=RQ!GjY{*jm*tSC?QY1x`YRy#~mgP0^tP|2lqj zhgz&rrnV|SFS-s_gFBvzR|b)8`-D_?I5Vk)V@W zY}(PK@wqV$%rifK7ymQ7RGD$^qh8V@bKOK=a;GGjVB6X8z1Bb z$#0Q~Gs^^Y#M$KB7rsZ`h|SG|n8{bRjqctE&wXdR+3=ecm@no!hVp(s>yu6*3GiN} zZtZY4F)SjXN-~<}5`X{Hu-|#B8|ATsudWs&4u_`um#wotmk;xJjQ85Gu>rfnWtR_z zK|1?vcPr;J`ufx0Z;~nCJk`PzACY=%umCYgog-d4pu(~p3Woei1pk5veUk} z_-yX~RH16$h!c`oxjr=y!4!IeDu#eBF*xgxTyA25(`VKlaj`cQK PfCqvC;Q_6ukdOWYE_kRK diff --git a/themes/default/images/ico-notify-remove.png b/themes/default/images/ico-notify-remove.png deleted file mode 100644 index 8c0f29ca5fb558fa453e9dee7f884d2729055d06..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1500 zcmds$_gB*g6vcxOkl~cKgRh zUPOhUBBO8LB%+Q%AnR@g2b}RiCSb9(-Al{M8r}TWjLP}>c@l%Swzj6%>uD^|U@%<9 zJW(o@i^iph+yCfvI<4MtDXn69dU|1DL8H-h5h!hMNADKa_q}5bQ6`N>WAXF+yFK6QA=TUms+C-1fqtnVHS(U zWHNbm*&GfhF1so=>*?a+Vpx2^%E~G}>>o)#_*qc*&d>Z8kPGrb>03oSYmX68Ten`F)S}*Y9Og8J$kAZ0uRf-Xlre zqfjVBA~Az4c+uMP=A_k!*n_$!f2dTdrnERNmtWgHNTX6yit3-W;t9wv=R5ON>N!v- z<^y2b!-ktV)l#V}=HBDvg1QOT#7N9OGMT)V>PV+Erhuto5?!fKuCA`C)he+_tejQ0 z;qW6Q(psWDkH=dp4jdmJ?;9Ltv)SpT&GdwynsD!D6CnLzyQTn8qtV{VeJ*S*QK{7_ zMGYVbw%`U73VCXALtF3g^78VOP`0$R#O3kt71i^&Jlp_9ES+xbc&pXw3>;)%xI}iBTFlBds+WBlALSX*F3Vr&?BN044tm=c=}iMH<9H`0-1cp4lRKCzOr?wz+q;vW7`Y!S(Kq&Upd2` zTgD>gkEwCpx&eJ*_VeUK8~Nu`)&>v zXm0Iy=K>D6o&u&nb~|IunccPj^so2qeJV3N5ySlv-9Xej=DQ7cUU17CdyZQs+@_75 zM{(KLSP#8_cn*Ka&zdtHTD9(np(~{227Ij8(iJ`@lw}1IK7{VTkATDN{;56qVq%tW z0^;f*22tS&Y62xq%mN#JNo*CdDuj!m0M_cW}@5gH^45#1$#$y&9g8p z{E6B6IwTJGR-G9aZtIhcL`d+*yR(8`$7pdMrF-K8eHh Date: Fri, 5 Jun 2009 01:17:16 -0600 Subject: [PATCH 02/13] Forgot to remove notify css classes in default theme in previous commit. --- themes/default/css/screen.css | 8 -------- 1 file changed, 8 deletions(-) diff --git a/themes/default/css/screen.css b/themes/default/css/screen.css index 0dcfd75f..67bd7cc2 100644 --- a/themes/default/css/screen.css +++ b/themes/default/css/screen.css @@ -606,14 +606,6 @@ form .gError, background-image: url('../images/ico-view-album.png'); } -#gViewMenu #gAddNotifyLink { - background-image: url('../images/ico-notify-add.png'); -} - -#gViewMenu #gRemoveNotifyLink { - background-image: url('../images/ico-notify-remove.png'); -} - #gViewMenu #gHybridLink { background-image: url('../images/ico-view-hybrid.png'); } From ab1fc6ad533968ac7cb1d0506e989f549935b7aa Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 5 Jun 2009 19:47:11 -0700 Subject: [PATCH 03/13] Make theme page headers match the menu dropdowns. Internationalize the admin dashboard common title. --- modules/gallery/views/admin_theme_details.html.php | 2 +- modules/gallery/views/admin_themes.html.php | 2 +- themes/admin_default/views/admin.html.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/gallery/views/admin_theme_details.html.php b/modules/gallery/views/admin_theme_details.html.php index eb450b16..f093b70b 100644 --- a/modules/gallery/views/admin_theme_details.html.php +++ b/modules/gallery/views/admin_theme_details.html.php @@ -1,6 +1,6 @@
-

+

diff --git a/modules/gallery/views/admin_themes.html.php b/modules/gallery/views/admin_themes.html.php index f85bce70..dc13a6a0 100644 --- a/modules/gallery/views/admin_themes.html.php +++ b/modules/gallery/views/admin_themes.html.php @@ -7,7 +7,7 @@ } -

+

diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php index 63ff3ac7..c1c880ad 100644 --- a/themes/admin_default/views/admin.html.php +++ b/themes/admin_default/views/admin.html.php @@ -4,7 +4,7 @@ - G3: Admin Dashboard + <?= t("Admin Dashboard") ?> " type="image/x-icon" /> " media="screen,projection" /> From c5425f42a4a13f7f585ffe45c070a865cdef6077 Mon Sep 17 00:00:00 2001 From: Chad Kieffer Date: Sat, 6 Jun 2009 00:35:30 -0600 Subject: [PATCH 04/13] Remove album view icon link, added album link to info module. This and breadcrumb should suffice. --- modules/gallery/helpers/gallery_menu.php | 6 ------ modules/info/views/info_block.html.php | 11 +++++++++++ themes/default/css/screen.css | 4 ---- themes/default/images/ico-view-album.png | Bin 345 -> 0 bytes 4 files changed, 11 insertions(+), 10 deletions(-) delete mode 100644 themes/default/images/ico-view-album.png diff --git a/modules/gallery/helpers/gallery_menu.php b/modules/gallery/helpers/gallery_menu.php index 2a9e193b..97f0fd81 100644 --- a/modules/gallery/helpers/gallery_menu.php +++ b/modules/gallery/helpers/gallery_menu.php @@ -100,12 +100,6 @@ class gallery_menu_Core { ->url("#") ->css_class("gFullSizeLink")); } - $menu - ->append(Menu::factory("link") - ->id("album") - ->label(t("Return to album")) - ->url($theme->item()->parent()->url("show={$theme->item->id}")) - ->css_id("gAlbumLink")); } static function admin($menu, $theme) { diff --git a/modules/info/views/info_block.html.php b/modules/info/views/info_block.html.php index db664894..f8e5f35e 100644 --- a/modules/info/views/info_block.html.php +++ b/modules/info/views/info_block.html.php @@ -17,6 +17,17 @@ name) ?> + id != 1): ?> + parent(); ?> + + + + id}?show=$item->id") ?>"> + title) ?> + + + + captured): ?> diff --git a/themes/default/css/screen.css b/themes/default/css/screen.css index 67bd7cc2..71711147 100644 --- a/themes/default/css/screen.css +++ b/themes/default/css/screen.css @@ -602,10 +602,6 @@ form .gError, width: 43px !important; } -#gViewMenu #gAlbumLink { - background-image: url('../images/ico-view-album.png'); -} - #gViewMenu #gHybridLink { background-image: url('../images/ico-view-hybrid.png'); } diff --git a/themes/default/images/ico-view-album.png b/themes/default/images/ico-view-album.png deleted file mode 100644 index 20b5af20d99e1b28e2743e9bd367d6590dab00c3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 345 zcmV-f0jB-=nsxk3Z@Vb4N02`HOQgA5Ca&Wk4x;cesLLZ8v7=)s8V=B)CuYhw7 zQc5FoT^G=_7ZG_T>I%{{g)GaAFbD!b)83fK>lLXX48vyBrocWl-x<>Q=F#}R4|$#& zA@=o`n!-0L;&~oKQS|#|>dlbCGyNGSo9$^axc#~;`Q&8&aK2$aA8Kem8x)myrc(55 rt+BPn)*4%DY^|}i=5KzmUIGjN)M5Nvm6ca&00000NkvXXu0mjf&+Cvx From 6c40fd7b14684d4b6d5502cd1b1bfa856a9f0ce7 Mon Sep 17 00:00:00 2001 From: Chad Kieffer Date: Sat, 6 Jun 2009 00:44:47 -0600 Subject: [PATCH 05/13] New default avatar --- themes/default/images/avatar.jpg | Bin 914 -> 1172 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/themes/default/images/avatar.jpg b/themes/default/images/avatar.jpg index 2e76b12bddf7395a2a61f097b326833fdd0ea7c7..acad9314be273f4aac0f6121a421d11573de9511 100644 GIT binary patch literal 1172 zcmex=iF;o{=v;^GnD0RsUZK7IjyJ|1CV5fNcw z8EI*08F@HhWM^mR<>8eO5Ri}(6%>_%OAyQWe}F-dgF%5oftgW|fk}{&S&;Gn5ynM8 z2eLDQ0FVI&EUe5-Y>W)-9GqO-j0{Xn%*e7p0cI9fHn5}s0}~@NGZPCF8#^}6lk&l!iw}*(l0K*uHGNcdHVK}zXj5|WAyXIi z$%{9eiHD?=9KQ63L#>&UOG2_`imTg_En$~KHKaa0{(R)hlP{^Ity7n7J$m)&*R-;> zY0I`9yY}pxxqEnedHeL`+mBy={@ubOBBP>X#)=&$ZoK%RY3Ui6S=l*r<<65gU;fmx z@`}o;>YBA`*Qr~tegQqs1au`UE6@)t9L&tQK>r9bvw&R88VGbTTVdlwqlFtkh#b85 zP}xZ|D5>b9v5JXvlh~wS)kVph4zU+sGJWLIEFLl$7&;P?YG$rd>M13m=ARaCKCGd6 z`SItLDNDAXI@v7@;b@$0#^dDww-|Vs!Oj$9uxI${r*$ah`j=i8$#-4%e=VsE_Y3L| zO=Do~y%{(|lUFf+^L_`Tf1J$D`DXJJD&M{M`d8VXsoH6q+(i4R%QF@QhIUQ3xG*J5 zi`y;yZSEDB3Kd`3Ki50>qK$JF?$rLQd!XBWu9%S1ajlCjsyOy0 ztt`oE%j?{g_oAXZ9Sv_!`L)M*N5Gb+{2GF1N*%A{SzbwPh+z4-b+Su)rt#Wi%hNLp zR8`yyqF)P~Yithhv03h76v!XE^I>qO2&bGU+X>d`m01tG7a!*A-I;j^^gtYUh%qio`me8D`sjD1(+ZU=1X4b#qaS=D`V zmY=oJ=ThI9p0U$q7iE@D*cMw@D!cdUwA~4J7VgSOp5E`7IP(z0;hz)shVQU0w_vdM z^nB0z^S#?8g-dByX3Q?iTXQe%Yn%mR^^S>8OP(mN7c)(={dipY^ohTxE&6hV&l_1P|rX?qqI0P zFI~aY%U!`Mz|~!$%*;qrN1?DZF(6Oj-S5fuR$!pIEN!@|nR z%E~Fi%grl7GWdUhL6Cz%fkA4 zD%dK(z{JSR%*4VBay3wOEl{3;MUYiU(a@1iI53f2sZhkIapFP_Wv7h?MT0JWP%%y_ zYU1P)6PJ*bQdLve(9|+9H8Z!cv~qTFb#wRd^a>6M4GWKmj7m;PO-s+n%qlJ^Ei136 ztZHs)ZENr7?3y%r%G7DoXUv?nXz`Mz%a*TLxoXqqEnBy3-?4Mop~FXx9y@;G&P778mFHFAhJORj%*ryw From cd92b2ed85f063d990412601c19eeed1783be7c4 Mon Sep 17 00:00:00 2001 From: unostar Date: Sun, 7 Jun 2009 01:49:55 +0800 Subject: [PATCH 06/13] Adding strings to localizer Signed-off-by: Bharat Mediratta --- themes/admin_default/views/admin.html.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php index 63ff3ac7..cad23fb5 100644 --- a/themes/admin_default/views/admin.html.php +++ b/themes/admin_default/views/admin.html.php @@ -42,8 +42,8 @@
admin_header_top() ?> ">" id="gLogo" alt="" />
- 

+      

     

     

       
" id="gL10nClientSaveForm">

From 3f96830ef111e4358789df25b8afa443df2b4c74 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Sat, 6 Jun 2009 12:22:20 -0700
Subject: [PATCH 08/13] Properly localize domain url in recaptcha explanation.

---
 modules/recaptcha/views/admin_recaptcha.html.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/recaptcha/views/admin_recaptcha.html.php b/modules/recaptcha/views/admin_recaptcha.html.php
index ed90aea9..1a3bf02d 100644
--- a/modules/recaptcha/views/admin_recaptcha.html.php
+++ b/modules/recaptcha/views/admin_recaptcha.html.php
@@ -2,7 +2,9 @@
 

   
  

   

-    get_key_url}\">ReCaptcha Public/Private Key pair, which is also free.  Once registered, the the challenge and response strings are evaluated at recaptcha.net to determine if the form content has been entered by a bot.", array("url" => "http://recaptcha.net")) ?>
+    ReCaptcha Public/Private Key pair, which is also free.  Once registered, the the challenge and response strings are evaluated at recaptcha.net to determine if the form content has been entered by a bot.",
+          array("domain_url" => $form->get_key_url,
+                "recaptcha_url" => "http://recaptcha.net")) ?>
   

 
      

From 6feb640b73f4da9f68cf95b129b32f77dfe65929 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Sat, 6 Jun 2009 12:24:08 -0700
Subject: [PATCH 09/13] fix typo: "the the" -> "the" (thanks VENCO!)

---
 modules/recaptcha/views/admin_recaptcha.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/recaptcha/views/admin_recaptcha.html.php b/modules/recaptcha/views/admin_recaptcha.html.php
index 1a3bf02d..74932a96 100644
--- a/modules/recaptcha/views/admin_recaptcha.html.php
+++ b/modules/recaptcha/views/admin_recaptcha.html.php
@@ -2,7 +2,7 @@
 

   
  

   

-    ReCaptcha Public/Private Key pair, which is also free.  Once registered, the the challenge and response strings are evaluated at recaptcha.net to determine if the form content has been entered by a bot.",
+    ReCaptcha Public/Private Key pair, which is also free.  Once registered, the challenge and response strings are evaluated at recaptcha.net to determine if the form content has been entered by a bot.",
           array("domain_url" => $form->get_key_url,
                 "recaptcha_url" => "http://recaptcha.net")) ?>
   


From 277d72d9fad8777ea5483845155ff87b5ad2ce4c Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Sat, 6 Jun 2009 12:50:38 -0700
Subject: [PATCH 10/13] Fix formatting.

---
 modules/user/views/login.html.php | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php
index 3889f06e..7617d131 100644
--- a/modules/user/views/login.html.php
+++ b/modules/user/views/login.html.php
@@ -1,18 +1,22 @@
 
 

From d5d5284f053a435934e8beb55060285803c3748f Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Sat, 6 Jun 2009 12:52:44 -0700
Subject: [PATCH 11/13] Don't ask for CSRF token when trying to view the
 password reset form.

---
 modules/user/controllers/password.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 3b0eac66..2dde11b8 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -19,9 +19,9 @@
  */
 class Password_Controller extends Controller {
   public function reset() {
-    access::verify_csrf();
-
     if (request::method() == "post") {
+      // @todo separate the post from get parts of this function
+      access::verify_csrf();
       $this->_send_reset();
     } else {
       print $this->_reset_form();

From bccaad92bb3b2ecc7c95e5eaf728b9be6e8a3b3a Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Sat, 6 Jun 2009 14:50:51 -0700
Subject: [PATCH 12/13] Update xss golden file

---
 modules/gallery/tests/xss_data.txt | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
index e3dbb188..b71262df 100644
--- a/modules/gallery/tests/xss_data.txt
+++ b/modules/gallery/tests/xss_data.txt
@@ -283,8 +283,11 @@ modules/image_block/views/image_block_block.html.php         4   DIRTY $item->th
 modules/info/views/info_block.html.php                       6         $item->title
 modules/info/views/info_block.html.php                       11        $item->description
 modules/info/views/info_block.html.php                       17        $item->name
-modules/info/views/info_block.html.php                       23  DIRTY $item->captured
-modules/info/views/info_block.html.php                       29        $item->owner->name
+modules/info/views/info_block.html.php                       25  DIRTY $parent->id
+modules/info/views/info_block.html.php                       25  DIRTY $item->id
+modules/info/views/info_block.html.php                       26        $parent->title
+modules/info/views/info_block.html.php                       34  DIRTY $item->captured
+modules/info/views/info_block.html.php                       40        $item->owner->name
 modules/notification/views/comment_published.html.php        4         $subject
 modules/notification/views/comment_published.html.php        7         $subject
 modules/notification/views/comment_published.html.php        11        $comment->text
@@ -339,9 +342,9 @@ modules/organize/views/organize_thumb_grid.html.php          7   DIRTY $child->i
 modules/organize/views/organize_thumb_grid.html.php          8   DIRTY $child->id
 modules/organize/views/organize_thumb_grid.html.php          8   DIRTY $item_class
 modules/organize/views/organize_thumb_grid.html.php          9   DIRTY $child->thumb_img(array("class" => "gThumbnail"), $thumbsize, true)
-modules/recaptcha/views/admin_recaptcha.html.php             5   DIRTY $form->get_key_url
-modules/recaptcha/views/admin_recaptcha.html.php             8   DIRTY $form
-modules/recaptcha/views/admin_recaptcha.html.php             21  DIRTY $public_key
+modules/recaptcha/views/admin_recaptcha.html.php             6   DIRTY $form->get_key_url
+modules/recaptcha/views/admin_recaptcha.html.php             10  DIRTY $form
+modules/recaptcha/views/admin_recaptcha.html.php             23  DIRTY $public_key
 modules/recaptcha/views/form_recaptcha.html.php              7   DIRTY $public_key
 modules/rss/views/comment.mrss.php                           9         $title
 modules/rss/views/comment.mrss.php                           10  DIRTY $link
@@ -470,11 +473,11 @@ modules/user/views/admin_users_group.html.php                22  DIRTY $user->id
 modules/user/views/admin_users_group.html.php                22  DIRTY $group->id
 modules/user/views/admin_users_group.html.php                25        $user->name
 modules/user/views/admin_users_group.html.php                25        $group->name
-modules/user/views/login.html.php                            11  DIRTY $user->id
-modules/user/views/login.html.php                            14        $user->full_name
-modules/user/views/login.html.php                            14        $user->name
-modules/user/views/login.html.php                            14        $user->full_name
-modules/user/views/login.html.php                            15  DIRTY $csrf
+modules/user/views/login.html.php                            12  DIRTY $user->id
+modules/user/views/login.html.php                            15        $user->full_name
+modules/user/views/login.html.php                            15        $user->name
+modules/user/views/login.html.php                            15        $user->full_name
+modules/user/views/login.html.php                            18  DIRTY $csrf
 modules/user/views/login_ajax.html.php                       37  DIRTY $form
 modules/user/views/reset_password.html.php                   9         $user->full_name
 modules/user/views/reset_password.html.php                   9         $user->full_name

From b179b106c2b4d3971498f513ffc71eff1b6b1a5d Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Sat, 6 Jun 2009 14:51:04 -0700
Subject: [PATCH 13/13] Update Kohana to r4409

---
 system/core/Event.php                       |  4 ++--
 system/helpers/html.php                     | 14 ++++++++++----
 system/libraries/Profiler.php               |  4 ++--
 system/libraries/Router.php                 | 18 +++++++++---------
 system/libraries/drivers/Database/Mssql.php |  2 +-
 5 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/system/core/Event.php b/system/core/Event.php
index 90944c37..06468a8d 100644
--- a/system/core/Event.php
+++ b/system/core/Event.php
@@ -4,7 +4,7 @@
  * to be added to 'events'. Events can be run multiple times, and can also
  * process event-specific data. By default, Kohana has several system events.
  *
- * $Id: Event.php 4358 2009-05-27 17:24:25Z ixmatus $
+ * $Id: Event.php 4390 2009-06-04 03:05:36Z zombor $
  *
  * @package    Core
  * @author     Kohana Team
@@ -206,7 +206,7 @@ final class Event {
 
 			foreach ($callbacks as $callback)
 			{
-				call_user_func_array($callback, array(&$data));
+				call_user_func($callback);
 			}
 
 			// Do this to prevent data from getting 'stuck'
diff --git a/system/helpers/html.php b/system/helpers/html.php
index 9ad20d89..2c609567 100644
--- a/system/helpers/html.php
+++ b/system/helpers/html.php
@@ -2,7 +2,7 @@
 /**
  * HTML helper class.
  *
- * $Id: html.php 4368 2009-05-27 21:58:51Z samsoir $
+ * $Id: html.php 4376 2009-06-01 11:40:39Z samsoir $
  *
  * @package    Core
  * @author     Kohana Team
@@ -68,15 +68,21 @@ class html_Core {
 	 * @param   string  link text
 	 * @param   array   HTML anchor attributes
 	 * @param   string  non-default protocol, eg: https
+	 * @param   boolean option to escape the title that is output
 	 * @return  string
 	 */
-	public static function anchor($uri, $title = NULL, $attributes = NULL, $protocol = NULL)
+	public static function anchor($uri, $title = NULL, $attributes = NULL, $protocol = NULL, $escape_title = FALSE)
 	{
 		if ($uri === '')
 		{
 			$site_url = url::base(FALSE);
 		}
-		elseif (strpos($uri, '://') === FALSE AND strpos($uri, '#') !== 0)
+		elseif (strpos($uri, '#') === 0)
+		{
+			// This is an id target link, not a URL
+			$site_url = $uri;
+		}
+		elseif (strpos($uri, '://') === FALSE)
 		{
 			$site_url = url::site($uri, $protocol);
 		}
@@ -96,7 +102,7 @@ class html_Core {
 		// Attributes empty? Use an empty string
 		.(is_array($attributes) ? html::attributes($attributes) : '').'>'
 		// Title empty? Use the parsed URL
-		.html::specialchars((($title === NULL) ? $site_url : $title), FALSE).'';
+		.($escape_title ? html::specialchars((($title === NULL) ? $site_url : $title), FALSE) : (($title === NULL) ? $site_url : $title)).'';
 	}
 
 	/**
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index 47d82ace..9da053fb 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -8,7 +8,7 @@
  * POST Data    - The name and values of any POST data submitted to the current page.
  * Cookie Data  - All cookies sent for the current request.
  *
- * $Id: Profiler.php 4090 2009-03-19 01:27:45Z bharat $
+ * $Id: Profiler.php 4383 2009-06-03 00:17:24Z ixmatus $
  *
  * @package    Profiler
  * @author     Kohana Team
@@ -104,7 +104,7 @@ class Profiler_Core {
 		$view = new View('kohana_profiler', $data);
 
 		// Return rendered view if $return is TRUE
-		if ($return == TRUE)
+		if ($return === TRUE)
 			return $view->render();
 
 		// Add profiler data to the output
diff --git a/system/libraries/Router.php b/system/libraries/Router.php
index 6dc9b10c..ef0e1e47 100644
--- a/system/libraries/Router.php
+++ b/system/libraries/Router.php
@@ -2,7 +2,7 @@
 /**
  * Router
  *
- * $Id: Router.php 4350 2009-05-14 18:58:18Z zombor $
+ * $Id: Router.php 4391 2009-06-04 03:10:12Z zombor $
  *
  * @package    Core
  * @author     Kohana Team
@@ -213,17 +213,17 @@ class Router_Core {
 		elseif (isset($_SERVER['PHP_SELF']) AND $_SERVER['PHP_SELF'])
 		{
 			Router::$current_uri = $_SERVER['PHP_SELF'];
-
-			if (($strpos_fc = strpos(Router::$current_uri, KOHANA)) !== FALSE)
-			{
-				// Remove the front controller from the current uri
-				Router::$current_uri = substr(Router::$current_uri, $strpos_fc + strlen(KOHANA));
-			}
 		}
-
+		
+		if (($strpos_fc = strpos(Router::$current_uri, KOHANA)) !== FALSE)
+		{
+			// Remove the front controller from the current uri
+			Router::$current_uri = (string) substr(Router::$current_uri, $strpos_fc + strlen(KOHANA));
+		}
+		
 		// Remove slashes from the start and end of the URI
 		Router::$current_uri = trim(Router::$current_uri, '/');
-
+		
 		if (Router::$current_uri !== '')
 		{
 			if ($suffix = Kohana::config('core.url_suffix') AND strpos(Router::$current_uri, $suffix) !== FALSE)
diff --git a/system/libraries/drivers/Database/Mssql.php b/system/libraries/drivers/Database/Mssql.php
index 6947679a..8b5ed50b 100644
--- a/system/libraries/drivers/Database/Mssql.php
+++ b/system/libraries/drivers/Database/Mssql.php
@@ -298,7 +298,7 @@ class Database_Mssql_Driver extends Database_Driver
 
 	public function field_data($table)
 	{
-		$query = $this->query('SHOW COLUMNS FROM '.$this->escape_table($table), $this->link);
+		$query = $this->query("SELECT COLUMN_NAME AS Field, DATA_TYPE as Type  FROM INFORMATION_SCHEMA.Columns WHERE TABLE_NAME = '".$this->escape_table($table)."'", $this->link);
 
 		return $query->result_array(TRUE);
 	}