Commit Graph
470 Commits
Author SHA1 Message Date
Stian Lund 39df8243b7 Sort albums first 2023-07-31 23:45:24 +02:00
Brad Dutton e3dc6b0102 handle full URL comparison better for proxy access checks 2021-02-15 13:42:58 -08:00
bwdutton 059dc6a546 get rid of tabs 2020-06-04 00:58:50 -07:00
bwdutton 8be9001c57 add CLI password reset:
php index.php passwordreset
or
php index.php passwordreset username
2020-06-04 00:42:21 -07:00
Bradley W. Dutton 680de0c6d0 fix implode() so the separater is always the first argument 2020-02-01 20:53:43 -08:00
Bradley W. Dutton bad663e05e Add dropzone js uploader as a replacement for uploadify. The latter still remains almost entirely intact. 2017-11-04 16:39:51 -07:00
root ab4363233a show next picture after delete instead of returning to album view 2014-03-19 17:29:52 -07:00
shadlaws 5e19662b75 #2082 - Sanitize admin theme options that get placed directly in HTML. 2013-09-06 08:28:10 +02:00
shadlawsandBharat Mediratta 0f28d4cee4 Ensure that movie titles are purified upon display. 2013-04-21 00:33:44 -04:00
shadlaws 26e4f044bb #2058 - Separate uploader logic into Kohana-, Item-Model-, and Uploadify-specific functions.
- Added _process_upload() to handle upload file validation with Kohana.
- Added _add_item() to handle item creation and validation with the item model (and logs).
- Removed these pieces from add_photo(), which is now rather Uploadify-specific.
- Used $_FILES to get filename instead of assuming it's substr(basename($tmp_name), 10).
- No net functional changes - works just like before.
2013-03-14 18:15:24 +01:00
shadlaws a140303468 #2061 - Remove Uploadify from add_photo_form/add_photo_form_completed events.
- Added code around event calls in uploader to add Uploadify-specific JS to update the inputs.
- Removed Uploadify JS from tag_event.  Now it's uploader-agnostic.
- Refactored tag_event autocomplete code (no functional changes).
2013-03-13 16:18:12 +01:00
Bharat Mediratta 74532b9c94 Remove stray line of debug output. 2013-03-05 13:20:12 -05:00
shadlaws 4b28478776 #2040 - Deactivate modules that no longer exist.
- added module::deactivate_missing_modules()
- revised module::deactivate() to change log message if the module is missing
- added call to new function in module::get_obsolete_modules_message()
- added call to new function when loading admin/maintenance menu
2013-03-05 16:54:41 +01:00
shadlaws 9b9f1a7b07 #2031 - Add class_exists() before method_exists() if class existence is unknown.
- fixed all instances of this in core code
- deleted previous Zend Guard Loader workaround in MY_Kohana.php
- updated Bootstrap.php to reflect deleted MY_Kohana.php
2013-03-02 13:25:10 +01:00
Bharat Mediratta 7c94b930ed Merge pull request #169 from shadlaws/fix_2021
#2021 - Cleanup thumb_dirty and resize_dirty instances.
2013-02-27 09:12:13 -08:00
shadlaws 891a24151e #2021 - Cleanup thumb_dirty and resize_dirty instances.
- g2_import: changed "false" assignment to "0" assignment for consistency.
- admin_theme_options: removed unused variables (they're called/used nowhere else).
- graphics: removed stanza that clears thumb_dirty and resize_dirty and returns
if we have no ops.  This has no effect on Gallery currently (for one,
graphics::generate doesn't normally get called on an item with no dirty flags),
but can inconsistently set resize_dirty of albums and movies to 0 where it's
otherwise left at 1.  Going forward, it may be useful to be consistent here.
- gallery_installer: added v57 stanza to correct any resize_dirty flags of
movies/albums that were previously reset to 0.
- module.info, install.sql: update to v57
2013-02-27 07:11:52 +01:00
shadlaws 251e9d5c8f #2010 - Revise item::find_by_path to search for jpg-converted items.
- added extra $var_subdir argument to item::find_by_path.
- changed item::find_by_path to use $var_subdir to detect if we should look for a jpg-converted item or not (e.g. movie thumbs)
- moved the album thumb detection to item::find_by_path to ensure it knows to look for an exact album match.
- added more sanity checks to item::find_by_path (now has fewer false positive possibilities).

- updated file_proxy to remove the need to guess different movie files.
- updated File_Proxy_Controller - new sanity checks catch previously undetected bug.
- added additional unit tests for item::find_by_path.
2013-02-26 18:39:59 +01:00
shadlaws 94aadf03da #2008 - Add warnings if some active modules are obsolete.
- added module::get_obsolete_modules_message function
- put message on admin/dashboard
- put message on admin/modules
- put message on upgrader
- updated unit test golden file xss_data
2013-02-20 17:30:27 +01:00
shadlaws fd0051dab7 #2006 - Add system::mark_file_for_delete API to delete files at shutdown.
- added system::mark_file_for_delete to be called to mark a file
- added system::delete_marked_files to be called at shutdown to delete the list
- amended system::temp_filename to, by default, add the temp name to the list
- updated a few other places in code where this should be used
2013-02-17 23:19:35 +01:00
shadlaws f212f6a794 #2003 - Add admin/movies screen.
Added admin/movies screen analogous to the admin/graphics screen so the user can:
- see how FFmpeg is configured (path and version, similar to toolkits in admin/graphics)
- get some instructions on how to install FFmpeg if not found
- change the movie_allow_uploads setting
- ask Gallery to rebuild their movie thumbs
Specifics:
- admin_movies, admin_movies.html (new) - new Movies admin screen
- ffmpeg.png (new) - logo for admin screen
- movie::get_ffmpeg_version (new) - return version number and date of FFmpeg
- form_uploadify.html - change admin message if movie uploads are disabled
- gallery_event::admin_menu - added Movies link to Settings
- xss_data.txt - updated golden file for unit tests
2013-02-14 23:42:20 +01:00
shadlaws d04a6fc87d #2001 - Make filename sanitizing more consistent.
- legal_file - added sanitize_filname() to sanitize photo/movie filenames.
- admin_watermarks - revised add() to use new function.
- item model - added _process_data_file_info() to validate the data file, get its metadata, and sanitize the item name.
- item model - revised save() for new items to use _process_data_file_info *before* the slug is checked.
- item model - revised save() for updated items to use _process_data_file_info.
- item model - revised save() for updated items to sanitize name if changed.
- uploader - removed call to smash_extensions (item model does this when it calls sanitize_filename).
- Legal_File_Helper_Test - added unit tests for sanitize_filename.
- Item_Model_Test - revised existing unit tests based on changes.
- Item_Model_Test - added new unit tests for names with legal but incorrect extensions.
- Averted take over by HAL with fix #2001...
2013-02-12 00:37:33 +01:00
Bharat Mediratta 9dbe2e15ad Extend siblings callbacks to take a $limit and an $offset for navigating
large sibling sets.  Useful for the thumbnav module since we don't want to
iterate a thousand siblings to find the one we care about.  Fixes #1999.
2013-02-09 14:53:34 -05:00
shadlaws 2dc97fab05 #1993 - Remove "failed" query string from upgrader redirect if there are no errors.
- Changed redirect if it finished without failures.
- No change to Upgrader_Controller::index(), since its behavior with an empty vs. undefined failed query is identical.
2013-02-08 09:03:57 +01:00
Bharat Mediratta ea54a88ec8 Escape the host/username/password arguments to mysqldump. Fixes #1984. 2013-01-31 16:29:09 -05:00
Bharat Mediratta 1e4d75c120 Improve the display context API to return a "siblings_callback" field
containing a callback that returns all the siblings.  Fixes #1975.
2013-01-30 12:10:18 -05:00
shadlaws 5fca371a61 #1945 - Extend legal_file helper functions.
- Added get_types_by_extension function, which is a merged version of get...types_by_extension functions (similar to get_extensions).
- Added optional extension argument to get...extensions functions similar to get...types_by_extension functions.
- Added unit tests.  Now, every legal_file function has one.
- Restructured helper file to include caches.
- Added array_unique to get...types (derived from get...types_by_extension, which can be many-to-one).
- Edited server_add, uploader, and item model to use new functionality.
2013-01-28 23:31:18 +01:00
Bharat Mediratta 86a2759062 If profiling is enabled, dump out profiling data instead of proxied
images so that we can see how efficient our proxying is.  Follow-on
for #1959.
2013-01-24 18:14:14 -05:00
shadlaws 8436e16b2f #1954 - Skip buffer calls for unit tests of file_proxy and data_rest.
Moved the "if (TEST_MODE)" statement before the buffer calls in file_proxy and data_rest.
This has no impact on normal use, but will make the unit tests more compatible with different server/PHP configurations.
Note: We do not have to skip setting the headers, which means we can build unit tests around them if we wish.
2013-01-21 10:45:34 +01:00
Bharat Mediratta d45a737779 Update copyright to 2013. Fixes #1953. 2013-01-21 01:22:01 -05:00
Bharat Mediratta f1d2a8e871 Add a long overdue test for File_Proxy_Controller that tests all the various
edge case behaviors.  It doesn't cover the various headers, but it does cover
the permission based code paths.
2013-01-20 23:54:01 -05:00
shadlaws 1927dd00e4 #1949 - Fix album thumb mime types given by data_rest and file_proxy
Correct result: always "image/jpeg"
Old data_rest result: mime of cover item
Old file_proxy result: mime of album item (null)
2013-01-20 08:34:12 +01:00
shadlaws 592eff0e5a #1942 - Make data_rest and file_proxy more consistent - several minor documentation/formatting changes.
No actual functionality changed here.
2013-01-19 08:40:19 +01:00
shadlawsandBharat Mediratta 549630219f bug fix: updated file_proxy.php to use legal_file helper instead of hard-coded list of movie file extensions.
bug fix: updated uploader.php to use legal_file helper instead of hard-coded list of movie file extensions.

Fixes #1926
2012-12-10 11:15:02 -08:00
Gerhard Schlager a62e1aaf9d the HTTP header Cache-Control must contain "public" in order to allow caching of resources when HTTPS is used 2012-08-11 18:09:03 +02:00
Bharat Mediratta 8524fba15a Sanitize the module name and don't allow storing values for illegal
module names.  Fixes #1898.
2012-07-21 15:42:52 -07:00
Bharat Mediratta 9e1f975e7b Fix up syntax in the last change. Follow-on for #1879. 2012-06-05 14:08:15 -07:00
Tony Fung 6fbea19b35 Force Turn off the compress as most image file already compressed. 2012-06-05 11:16:37 +08:00
Bharat Mediratta 3fbe07078f Second attempt to fix #1821 - first attempt caused an infinite loop in some cases
when zlib.output_compression is enabled.
2012-06-04 19:54:01 -07:00
Bharat Mediratta 9e2ea2ffed Smash multiple extensions down into a single one when accepting file
uploads.  Fixes #1872.
2012-05-17 20:25:27 -07:00
Bharat Mediratta 891652b233 Send back form errors wrapped in JSON. Fixes #1867. 2012-05-15 16:00:46 -07:00
Bharat Mediratta f06c227505 Oops dropped a semicolon in e3d50dd8be 2012-05-15 09:26:13 -07:00
Bharat Mediratta e3d50dd8be Simplify dialog title for editing advanced settings. Fixes #1864. 2012-05-14 20:52:01 -07:00
Bharat Mediratta 1531c3898f Force uploader status messages to be integers. Fixes #1863. 2012-05-14 20:52:01 -07:00
Bharat Mediratta b512734b9d Close all buffers, not just the ones that Kohana opened. Fixes #1821,
thanks to pvalsecc.
2012-05-08 18:23:33 -07:00
Bharat Mediratta fd15295642 Clean up comments. 2012-05-05 21:09:30 -07:00
Bharat Mediratta bf2bb3e1ea Update copyright to 2012. #1822 2012-02-27 09:48:23 -08:00
Bharat Mediratta 47fdf1e35a Move the Content-Length header into the main block, fix some formatting.
Follow-on to 5b969fd069 which is a fix for
#1802.
2011-11-24 11:21:32 -08:00
ffchung 5b969fd069 gzip stream problem on Google Chrome 2011-10-29 23:03:06 +08:00
Bharat Mediratta e5175fd277 Fix the standard and REST uploaders to use a callback function to
delete temporary files during shutdown.  Fixes #1788.
2011-10-03 23:19:44 -07:00
Bharat Mediratta ce43f29e2c Refactor the display context code a bit:
1) Move the display context code into the controller themselves so that it's
   more logically a continuation callback from the original controller
   rendering code.
2) Simplify the display context set/get code and put it in the item helper,
   it's just a couple of lines of code now.
3) Add more descriptive breadcrumb strings
2011-08-27 11:18:07 -07:00