Beispiel #1
1
 public function upgrade()
 {
     if (php_sapi_name() == "cli") {
         // @todo this may screw up some module installers, but we don't have a better answer at
         // this time.
         $_SERVER["HTTP_HOST"] = "example.com";
     } else {
         if (!user::active()->admin && !Session::instance()->get("can_upgrade", false)) {
             access::forbidden();
         }
     }
     // Upgrade gallery and user first
     module::install("gallery");
     module::install("user");
     // Then upgrade the rest
     foreach (module::available() as $id => $module) {
         if ($id == "gallery") {
             continue;
         }
         if ($module->active && $module->code_version != $module->version) {
             module::install($id);
         }
     }
     if (php_sapi_name() == "cli") {
         print "Upgrade complete\n";
     } else {
         url::redirect("upgrader?done=1");
     }
 }
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     $form = $this->_get_admin_form();
     // Figure out which boxes where checked
     $shareOpts_array = Input::instance()->post("ShareOptions");
     $IconsButton = false;
     $HTMLLinksButton = false;
     for ($i = 0; $i < count($shareOpts_array); $i++) {
         if ($shareOpts_array[$i] == "Icons") {
             $IconsButton = true;
         }
         if ($shareOpts_array[$i] == "HTMLLinks") {
             $HTMLLinksButton = true;
         }
     }
     // Save Settings.
     module::set_var("sharephoto", "Icons", $IconsButton);
     module::set_var("sharephoto", "HTMLLinks", $HTMLLinksButton);
     message::success(t("Your Selection Has Been Saved."));
     // Load Admin page.
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_sharephoto.html");
     $view->content->sharephoto_form = $form;
     print $view;
 }
 public function saveprefs()
 {
     // Process the admin form.
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     // Save user specified settings to the database.
     $str_slideshow_url = Input::instance()->post("slideshow_url");
     module::set_var("minislideshow", "slideshow_url", $str_slideshow_url);
     $str_slideshow_shuffle = Input::instance()->post("shuffle");
     module::set_var("minislideshow", "shuffle", $str_slideshow_shuffle);
     $str_slideshow_dropshadow = Input::instance()->post("dropshadow");
     module::set_var("minislideshow", "dropshadow", $str_slideshow_dropshadow);
     $str_slideshow_show_title = Input::instance()->post("show_title");
     module::set_var("minislideshow", "show_title", $str_slideshow_show_title);
     $str_slideshow_trans_in_type = Input::instance()->post("trans_in_type");
     module::set_var("minislideshow", "trans_in_type", $str_slideshow_trans_in_type);
     $str_slideshow_trans_out_type = Input::instance()->post("trans_out_type");
     module::set_var("minislideshow", "trans_out_type", $str_slideshow_trans_out_type);
     $str_slideshow_mask = Input::instance()->post("mask");
     module::set_var("minislideshow", "mask", $str_slideshow_mask);
     $str_slideshow_use_full_image = Input::instance()->post("use_full_image");
     module::set_var("minislideshow", "use_full_image", $str_slideshow_use_full_image);
     $str_slideshow_delay = Input::instance()->post("delay");
     module::set_var("minislideshow", "delay", $str_slideshow_delay);
     // Display a success message and load the admin screen.
     message::success(t("Your Settings Have Been Saved."));
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_minislideshow.html");
     $view->content->minislideshow_form = $this->_get_admin_form();
     print $view;
 }
 public function handler()
 {
     access::verify_csrf();
     $form = $this->_get_form();
     if ($form->validate()) {
         module::set_var("social_share", "general_impage_only", $form->general_settings->general_impage_only->value);
         module::set_var("social_share", "facebook_share_enabled", $form->facebook_share_settings->facebook_share_enabled->value);
         module::set_var("social_share", "facebook_share_layout", $form->facebook_share_settings->facebook_share_layout->value);
         module::set_var("social_share", "facebook_share_link_text", $form->facebook_share_settings->facebook_share_link_text->value);
         module::set_var("social_share", "facebook_like_enabled", $form->facebook_like_settings->facebook_like_enabled->value);
         module::set_var("social_share", "facebook_like_appId", $form->facebook_like_settings->facebook_like_appId->value);
         module::set_var("social_share", "facebook_like_adminId", $form->facebook_like_settings->facebook_like_adminId->value);
         module::set_var("social_share", "facebook_like_site_name", $form->facebook_like_settings->facebook_like_site_name->value);
         module::set_var("social_share", "facebook_like_code_type", $form->facebook_like_settings->facebook_like_code_type->value);
         module::set_var("social_share", "facebook_like_show_faces", $form->facebook_like_settings->facebook_like_show_faces->value, true);
         module::set_var("social_share", "facebook_like_send", $form->facebook_like_settings->facebook_like_send->value, true);
         module::set_var("social_share", "facebook_like_action", $form->facebook_like_settings->facebook_like_action->value);
         module::set_var("social_share", "facebook_like_layout", $form->facebook_like_settings->facebook_like_layout->value);
         module::set_var("social_share", "google_enabled", $form->google_settings->google_enabled->value);
         module::set_var("social_share", "google_size", $form->google_settings->google_size->value);
         module::set_var("social_share", "google_annotation", $form->google_settings->google_annotation->value);
         module::set_var("social_share", "pinterest_enabled", $form->pinterest_settings->pinterest_enabled->value);
         module::set_var("social_share", "pinterest_count_location", $form->pinterest_settings->pinterest_count_location->value);
         module::set_var("social_share", "twitter_enabled", $form->twitter_settings->twitter_enabled->value);
         module::set_var("social_share", "twitter_count_location", $form->twitter_settings->twitter_count_location->value);
         module::set_var("social_share", "twitter_size", $form->twitter_settings->twitter_size->value);
         message::success(t("Your settings have been saved."));
         url::redirect("admin/social_share");
     }
     print $this->_get_view($form);
 }
Beispiel #5
0
 static function delete($request)
 {
     list($tag, $item) = rest::resolve($request->url);
     access::required("edit", $item);
     $tag->remove($item);
     $tag->save();
 }
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     // Figure out which boxes where checked
     $dlLinks_array = Input::instance()->post("DownloadLinkOptions");
     $fButton = false;
     $download_original_button = false;
     for ($i = 0; $i < count($dlLinks_array); $i++) {
         if ($dlLinks_array[$i] == "fButton") {
             $fButton = true;
         }
     }
     if (module::is_active("keeporiginal")) {
         $keeporiginal_array = Input::instance()->post("DownloadOriginalOptions");
         for ($i = 0; $i < count($keeporiginal_array); $i++) {
             if ($keeporiginal_array[$i] == "DownloadOriginalImage") {
                 $download_original_button = true;
             }
         }
         module::set_var("downloadfullsize", "DownloadOriginalImage", $download_original_button);
     }
     // Save Settings.
     module::set_var("downloadfullsize", "fButton", $fButton);
     message::success(t("Your Selection Has Been Saved."));
     // Load Admin page.
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_downloadfullsize.html");
     $view->content->downloadlinks_form = $this->_get_admin_form();
     print $view;
 }
Beispiel #7
0
 public function rename($id)
 {
     access::verify_csrf();
     $tag = ORM::factory("tag", $id);
     if (!$tag->loaded) {
         kohana::show_404();
     }
     $form = tag::get_rename_form($tag);
     $valid = $form->validate();
     if ($valid) {
         $new_name = $form->rename_tag->inputs["name"]->value;
         $new_tag = ORM::factory("tag")->where("name", $new_name)->find();
         if ($new_tag->loaded) {
             $form->rename_tag->inputs["name"]->add_error("in_use", 1);
             $valid = false;
         }
     }
     if ($valid) {
         $old_name = $tag->name;
         $tag->name = $new_name;
         $tag->save();
         $message = t("Renamed tag %old_name to %new_name", array("old_name" => $old_name, "new_name" => $tag->name));
         message::success($message);
         log::success("tags", $message);
         print json_encode(array("result" => "success", "location" => url::site("admin/tags"), "tag_id" => $tag->id, "new_tagname" => html::clean($tag->name)));
     } else {
         print json_encode(array("result" => "error", "form" => $form->__toString()));
     }
 }
 public function edit()
 {
     access::verify_csrf();
     $form = $this->_get_admin_form();
     if ($form->validate()) {
         $options = $form->tag_cloud_options;
         $valid = true;
         if (preg_match("/^0x[0-9A-Fa-f]{6}\$/", $options->tagcolor->value) == 0) {
             $options->tagcolor->add_error("not_valid", 1);
             $valid = false;
         }
         if (preg_match("/^0x[0-9A-Fa-f]{6}\$/", $options->background_color->value) == 0) {
             $options->background_color->add_error("not_valid", 1);
             $valid = false;
         }
         if ($valid) {
             module::set_var("tag_cloud", "tagcolor", $options->tagcolor->value);
             module::set_var("tag_cloud", "mouseover", $options->mouseover->value);
             module::set_var("tag_cloud", "background_color", $options->background_color->value);
             module::set_var("tag_cloud", "transparent", $options->transparent->value);
             module::set_var("tag_cloud", "speed", $options->speed->value);
             module::set_var("tag_cloud", "distribution", $options->distribution->value);
             message::success(t("Tag cloud options updated successfully"));
             url::redirect("admin/tag_cloud");
         }
     }
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_tag_cloud.html");
     $view->content->form = $form;
     print $view;
 }
 static function initialize()
 {
     $db = Database::instance();
     $db->query("CREATE TABLE IF NOT EXISTS {users} (\n                 `id` int(9) NOT NULL auto_increment,\n                 `name` varchar(32) NOT NULL,\n                 `full_name` varchar(255) NOT NULL,\n                 `password` varchar(64) NOT NULL,\n                 `login_count` int(10) unsigned NOT NULL DEFAULT 0,\n                 `last_login` int(10) unsigned NOT NULL DEFAULT 0,\n                 `email` varchar(64) default NULL,\n                 `admin` BOOLEAN default 0,\n                 `guest` BOOLEAN default 0,\n                 `hash` char(32) default NULL,\n                 `url` varchar(255) default NULL,\n                 `locale` char(10) default NULL,\n                 PRIMARY KEY (`id`),\n                 UNIQUE KEY(`hash`),\n                 UNIQUE KEY(`name`))\n               DEFAULT CHARSET=utf8;");
     $db->query("CREATE TABLE IF NOT EXISTS {groups} (\n                 `id` int(9) NOT NULL auto_increment,\n                 `name` char(64) default NULL,\n                 `special` BOOLEAN default 0,\n                 PRIMARY KEY (`id`),\n                 UNIQUE KEY(`name`))\n               DEFAULT CHARSET=utf8;");
     $db->query("CREATE TABLE IF NOT EXISTS {groups_users} (\n                 `group_id` int(9) NOT NULL,\n                 `user_id` int(9) NOT NULL,\n                 PRIMARY KEY (`group_id`, `user_id`),\n                 UNIQUE KEY(`user_id`, `group_id`))\n               DEFAULT CHARSET=utf8;");
     $everybody = ORM::factory("group");
     $everybody->name = "Everybody";
     $everybody->special = true;
     $everybody->save();
     $registered = ORM::factory("group");
     $registered->name = "Registered Users";
     $registered->special = true;
     $registered->save();
     $guest = ORM::factory("user");
     $guest->name = "guest";
     $guest->full_name = "Guest User";
     $guest->password = "";
     $guest->guest = true;
     $guest->save();
     $admin = ORM::factory("user");
     $admin->name = "admin";
     $admin->full_name = "Gallery Administrator";
     $admin->password = "******";
     $admin->email = "*****@*****.**";
     $admin->admin = true;
     $admin->save();
     $root = ORM::factory("item", 1);
     access::allow($everybody, "view", $root);
     access::allow($everybody, "view_full", $root);
     access::allow($registered, "view", $root);
     access::allow($registered, "view_full", $root);
     module::set_version("user", 2);
     module::set_var("user", "mininum_password_length", 5);
 }
 static function get($block_id, $theme)
 {
     $block = "";
     // Only display on album pages that the user can edit.
     $item = $theme->item();
     if (!$item || !$item->is_album() || !access::can("edit", $item)) {
         return;
     }
     switch ($block_id) {
         case "batch_tag":
             // Make a new sidebar block.
             $block = new Block();
             $block->css_id = "g-batch-tag";
             $block->title = t("Batch Tag");
             $block->content = new View("batchtag_block.html");
             // Make a new form to place in the sidebar block.
             $form = new Forge("batchtag/tagitems", "", "post", array("id" => "g-batch-tag-form"));
             $label = t("Tag everything in this album:");
             $group = $form->group("add_tag")->label("Add Tag");
             $group->input("name")->label($label)->rules("required|length[1,64]");
             $group->checkbox("tag_subitems")->label(t("Include sub-albums?"))->value(true)->checked(false);
             $group->hidden("item_id")->value($item->id);
             $group->submit("")->value(t("Add Tag"));
             $block->content->batch_tag_form = $form;
             break;
     }
     return $block;
 }
Beispiel #11
0
 public function rename($id)
 {
     access::verify_csrf();
     $tag = ORM::factory("tag", $id);
     if (!$tag->loaded()) {
         throw new Kohana_404_Exception();
     }
     $in_place_edit = InPlaceEdit::factory($tag->name)->action("admin/tags/rename/{$tag->id}")->rules(array("required", "length[1,64]"));
     if ($in_place_edit->validate()) {
         $old_name = $tag->name;
         $new_name_or_list = $in_place_edit->value();
         $tag_list = explode(",", $new_name_or_list);
         $tag->name = array_shift($tag_list);
         $tag->save();
         if (!empty($tag_list)) {
             $this->_copy_items_for_tags($tag, $tag_list);
             $message = t("Split tag <i>%old_name</i> into <i>%tag_list</i>", array("old_name" => $old_name, "tag_list" => $new_name_or_list));
         } else {
             $message = t("Renamed tag <i>%old_name</i> to <i>%new_name</i>", array("old_name" => $old_name, "new_name" => $tag->name));
         }
         message::success($message);
         log::success("tags", $message);
         json::reply(array("result" => "success", "location" => url::site("admin/tags")));
     } else {
         json::reply(array("result" => "error", "form" => (string) $in_place_edit->render()));
     }
 }
 static function site_menu($menu, $theme)
 {
     $item = $theme->item();
     if ($item && $item->is_album() && access::can("edit", $item)) {
         $menu->get("options_menu")->append(Menu::factory("link")->id("captionator")->label(t("Caption album"))->css_id("g-menu-captionator-link")->url(url::site("captionator/dialog/{$item->id}")));
     }
 }
 static function site_menu($menu, $theme)
 {
     $item = $theme->item();
     if ($can_add = $item && access::can("add", $item)) {
         $menu->get("add_menu")->append(Menu::factory("dialog")->id("embed_add")->label(t("Embed Video"))->url(url::site("form/add/embedded_videos/{$item->id}")));
     }
 }
Beispiel #14
0
 public function saveprefs()
 {
     // Save user preferences to the database.
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     // Make sure the user filled out the form properly.
     $form = $this->_get_admin_form();
     if ($form->validate()) {
         Kohana_Log::add("error", print_r($form, 1));
         // Save settings to Gallery's database.
         foreach (iptc::keys() as $keyword => $iptcvar) {
             $checkbox = false;
             for ($i = 0; $i < count($form->Global->{$keyword}); $i++) {
                 if ($form->Global->{$keyword}->value[$i] == $keyword) {
                     $checkbox = true;
                 }
             }
             module::set_var("iptc", "show_" . $keyword, $checkbox);
         }
         // Display a success message and redirect back to the TagsMap admin page.
         message::success(t("Your settings have been saved."));
         url::redirect("admin/iptc");
     }
     // Else show the page with errors
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_iptc.html");
     $view->content->iptc_form = $form;
     print $view;
 }
 public function save($module_name, $var_name)
 {
     access::verify_csrf();
     module::set_var($module_name, $var_name, Input::instance()->post("value"));
     message::success(t("Saved value for %var (%module_name)", array("var" => $var_name, "module_name" => $module_name)));
     json::reply(array("result" => "success"));
 }
 static function album_menu($menu, $theme)
 {
     if (access::can("view_full", $theme->item)) {
         $downloadLink = url::site("downloadalbum/zip/{$theme->item->id}");
         $menu->append(Menu::factory("link")->id("downloadalbum")->label(t("Download Album"))->url($downloadLink)->css_id("g-download-album-link"));
     }
 }
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     $form = $this->_get_admin_form();
     if ($form->validate()) {
         Kohana_Log::add("error", print_r($form, 1));
         module::set_var("tag_albums", "tag_page_title", $form->Tag_Albums_Tag_Sort->tag_page_title->value);
         module::set_var("tag_albums", "tag_index", $form->Tag_Albums_Tag_Sort->tag_index->value);
         module::set_var("tag_albums", "tag_index_scope", count($form->Tag_Albums_Tag_Sort->tag_index_scope->value));
         module::set_var("tag_albums", "tag_index_filter_top", count($form->Tag_Albums_Tag_Sort->tag_index_filter_top->value));
         module::set_var("tag_albums", "tag_index_filter_bottom", count($form->Tag_Albums_Tag_Sort->tag_index_filter_bottom->value));
         module::set_var("tag_albums", "tag_sort_by", $form->Tag_Albums_Tag_Sort->tag_sort_by->value);
         module::set_var("tag_albums", "tag_sort_direction", $form->Tag_Albums_Tag_Sort->tag_sort_direction->value);
         module::set_var("tag_albums", "subalbum_sort_by", $form->Tag_Albums_Tag_Item_Sort->subalbum_sort_by->value);
         module::set_var("tag_albums", "subalbum_sort_direction", $form->Tag_Albums_Tag_Item_Sort->subalbum_sort_direction->value);
         message::success(t("Your settings have been saved."));
         url::redirect("admin/tag_albums");
     }
     // Else show the page with errors
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_tag_albums.html");
     $view->content->tag_albums_form = $form;
     print $view;
 }
Beispiel #18
0
 static function install()
 {
     $db = Database::instance();
     $version = module::get_version("user");
     if ($version == 0) {
         $db->query("CREATE TABLE IF NOT EXISTS {users} (\n                   `id` int(9) NOT NULL auto_increment,\n                   `name` varchar(32) NOT NULL,\n                   `full_name` varchar(255) NOT NULL,\n                   `password` varchar(64) NOT NULL,\n                   `login_count` int(10) unsigned NOT NULL DEFAULT 0,\n                   `last_login` int(10) unsigned NOT NULL DEFAULT 0,\n                   `email` varchar(64) default NULL,\n                   `admin` BOOLEAN default 0,\n                   `guest` BOOLEAN default 0,\n                   `hash` char(32) default NULL,\n                   `url` varchar(255) default NULL,\n                   `locale` char(10) default NULL,\n                   PRIMARY KEY (`id`),\n                   UNIQUE KEY(`hash`),\n                   UNIQUE KEY(`name`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $db->query("CREATE TABLE IF NOT EXISTS {groups} (\n                   `id` int(9) NOT NULL auto_increment,\n                   `name` char(64) default NULL,\n                   `special` BOOLEAN default 0,\n                   PRIMARY KEY (`id`),\n                   UNIQUE KEY(`name`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $db->query("CREATE TABLE IF NOT EXISTS {groups_users} (\n                   `group_id` int(9) NOT NULL,\n                   `user_id` int(9) NOT NULL,\n                   PRIMARY KEY (`group_id`, `user_id`),\n                   UNIQUE KEY(`user_id`, `group_id`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $everybody = group::create("Everybody");
         $everybody->special = true;
         $everybody->save();
         $registered = group::create("Registered Users");
         $registered->special = true;
         $registered->save();
         $guest = user::create("guest", "Guest User", "");
         $guest->guest = true;
         $guest->remove($registered);
         $guest->save();
         $admin = user::create("admin", "Gallery Administrator", "admin");
         $admin->admin = true;
         $admin->save();
         // Let the admin own everything
         $db->update("items", array("owner_id" => $admin->id), array("owner_id" => "IS NULL"));
         module::set_version("user", 1);
         $root = ORM::factory("item", 1);
         access::allow($everybody, "view", $root);
         access::allow($everybody, "view_full", $root);
         access::allow($registered, "view", $root);
         access::allow($registered, "view_full", $root);
     }
 }
Beispiel #19
0
 public function save()
 {
     access::verify_csrf();
     $changes->activate = array();
     $changes->deactivate = array();
     $activated_names = array();
     $deactivated_names = array();
     foreach (module::available() as $module_name => $info) {
         if ($info->locked) {
             continue;
         }
         $desired = $this->input->post($module_name) == 1;
         if ($info->active && !$desired && module::is_active($module_name)) {
             $changes->deactivate[] = $module_name;
             $deactivated_names[] = $info->name;
             module::deactivate($module_name);
         } else {
             if (!$info->active && $desired && !module::is_active($module_name)) {
                 $changes->activate[] = $module_name;
                 $activated_names[] = $info->name;
                 module::install($module_name);
                 module::activate($module_name);
             }
         }
     }
     module::event("module_change", $changes);
     // @todo this type of collation is questionable from a i18n perspective
     if ($activated_names) {
         message::success(t("Activated: %names", array("names" => join(", ", $activated_names))));
     }
     if ($deactivated_names) {
         message::success(t("Deactivated: %names", array("names" => join(", ", $deactivated_names))));
     }
     url::redirect("admin/modules");
 }
 function save($album_id)
 {
     access::verify_csrf();
     $album = ORM::factory("item", $album_id);
     access::required("edit", $album);
     if (Input::instance()->post("save")) {
         $titles = Input::instance()->post("title");
         $descriptions = Input::instance()->post("description");
         $filenames = Input::instance()->post("filename");
         $internetaddresses = Input::instance()->post("internetaddress");
         $tags = Input::instance()->post("tags");
         $enable_tags = module::is_active("tag");
         foreach (array_keys($titles) as $id) {
             $item = ORM::factory("item", $id);
             if ($item->loaded() && access::can("edit", $item)) {
                 $item->title = $titles[$id];
                 $item->description = $descriptions[$id];
                 $item->name = $filenames[$id];
                 $item->slug = $internetaddresses[$id];
                 $item->save();
                 if ($enable_tags) {
                     tag::clear_all($item);
                     foreach (explode(",", $tags[$id]) as $tag_name) {
                         if ($tag_name) {
                             tag::add($item, trim($tag_name));
                         }
                     }
                     tag::compact();
                 }
             }
         }
         message::success(t("Captions saved"));
     }
     url::redirect($album->abs_url());
 }
Beispiel #21
0
 public function _form_edit($user)
 {
     if ($user->guest || $user->id != user::active()->id) {
         access::forbidden();
     }
     print user::get_edit_form($user);
 }
Beispiel #22
0
 function change($command, $group_id, $perm_id, $item_id)
 {
     access::verify_csrf();
     $group = identity::lookup_group($group_id);
     $perm = ORM::factory("permission", $perm_id);
     $item = ORM::factory("item", $item_id);
     access::required("view", $item);
     access::required("edit", $item);
     if (!empty($group) && $perm->loaded() && $item->loaded()) {
         switch ($command) {
             case "allow":
                 access::allow($group, $perm->name, $item);
                 break;
             case "deny":
                 access::deny($group, $perm->name, $item);
                 break;
             case "reset":
                 access::reset($group, $perm->name, $item);
                 break;
         }
         // If the active user just took away their own edit permissions, give it back.
         if ($perm->name == "edit") {
             if (!access::user_can(identity::active_user(), "edit", $item)) {
                 access::allow($group, $perm->name, $item);
             }
         }
     }
 }
Beispiel #23
0
 public function __call($controller_name, $args)
 {
     if (Input::instance()->get("reauth_check")) {
         return self::_reauth_check();
     }
     if (auth::must_reauth_for_admin_area()) {
         return self::_prompt_for_reauth($controller_name, $args);
     }
     if (request::method() == "post") {
         access::verify_csrf();
     }
     if ($controller_name == "index") {
         $controller_name = "dashboard";
     }
     $controller_name = "Admin_{$controller_name}_Controller";
     if ($args) {
         $method = array_shift($args);
     } else {
         $method = "index";
     }
     if (!method_exists($controller_name, $method)) {
         throw new Kohana_404_Exception();
     }
     call_user_func_array(array(new $controller_name(), $method), $args);
 }
Beispiel #24
0
 public function save()
 {
     access::verify_csrf();
     $form = theme::get_edit_form_admin();
     if ($form->validate()) {
         module::set_var("gallery", "page_size", $form->edit_theme->page_size->value);
         $thumb_size = $form->edit_theme->thumb_size->value;
         $thumb_dirty = false;
         if (module::get_var("gallery", "thumb_size") != $thumb_size) {
             graphics::remove_rule("gallery", "thumb", "gallery_graphics::resize");
             graphics::add_rule("gallery", "thumb", "gallery_graphics::resize", array("width" => $thumb_size, "height" => $thumb_size, "master" => Image::AUTO), 100);
             module::set_var("gallery", "thumb_size", $thumb_size);
         }
         $resize_size = $form->edit_theme->resize_size->value;
         $resize_dirty = false;
         if (module::get_var("gallery", "resize_size") != $resize_size) {
             graphics::remove_rule("gallery", "resize", "gallery_graphics::resize");
             graphics::add_rule("gallery", "resize", "gallery_graphics::resize", array("width" => $resize_size, "height" => $resize_size, "master" => Image::AUTO), 100);
             module::set_var("gallery", "resize_size", $resize_size);
         }
         module::set_var("gallery", "header_text", $form->edit_theme->header_text->value);
         module::set_var("gallery", "footer_text", $form->edit_theme->footer_text->value);
         module::set_var("gallery", "show_credits", $form->edit_theme->show_credits->value);
         message::success(t("Updated theme details"));
         url::redirect("admin/theme_options");
     } else {
         $view = new Admin_View("admin.html");
         $view->content = $form;
         print $view;
     }
 }
Beispiel #25
0
 static function feed($feed_id, $offset, $limit, $id)
 {
     $feed = new stdClass();
     switch ($feed_id) {
         case "latest":
             $feed->items = ORM::factory("item")->viewable()->where("type", "<>", "album")->order_by("created", "DESC")->find_all($limit, $offset);
             $all_items = ORM::factory("item")->viewable()->where("type", "<>", "album")->order_by("created", "DESC");
             $feed->max_pages = ceil($all_items->find_all()->count() / $limit);
             $feed->title = t("%site_title - Recent updates", array("site_title" => item::root()->title));
             $feed->description = t("Recent updates");
             return $feed;
         case "album":
             $item = ORM::factory("item", $id);
             access::required("view", $item);
             $feed->items = $item->viewable()->descendants($limit, $offset, array(array("type", "=", "photo")));
             $feed->max_pages = ceil($item->viewable()->descendants_count(array(array("type", "=", "photo"))) / $limit);
             if ($item->id == item::root()->id) {
                 $feed->title = html::purify($item->title);
             } else {
                 $feed->title = t("%site_title - %item_title", array("site_title" => item::root()->title, "item_title" => $item->title));
             }
             $feed->description = nl2br(html::purify($item->description));
             return $feed;
     }
 }
Beispiel #26
0
 public function _form_add($item_id)
 {
     $item = ORM::factory("item", $item_id);
     access::required("view", $item);
     access::required("edit", $item);
     return tag::get_add_form($item);
 }
 public function index()
 {
     $form = $this->_get_form();
     if (request::method() == "post") {
         access::verify_csrf();
         if ($form->validate()) {
             module::set_var("strip_exif", "exiv_path", $_POST['exiv_path']);
             if ($_POST['exif_tags'] != "") {
                 module::set_var("strip_exif", "exif_remove", isset($_POST['exif_remove']) ? $_POST['exif_remove'] : false);
                 module::set_var("strip_exif", "exif_tags", $_POST['exif_tags']);
             } else {
                 module::set_var("strip_exif", "exif_remove", false);
                 module::set_var("strip_exif", "exif_tags", self::$defExifTags);
             }
             if ($_POST['iptc_tags'] != "") {
                 module::set_var("strip_exif", "iptc_remove", isset($_POST['iptc_remove']) ? $_POST['iptc_remove'] : false);
                 module::set_var("strip_exif", "iptc_tags", $_POST['iptc_tags']);
             } else {
                 module::set_var("strip_exif", "iptc_remove", false);
                 module::set_var("strip_exif", "iptc_tags", self::$defIptcTags);
             }
             if (isset($_POST['verbose'])) {
                 module::set_var("strip_exif", "verbose", $_POST['verbose']);
             }
             message::success(t("Settings have been saved"));
             url::redirect("admin/strip_exif");
         } else {
             message::error(t("There was a problem with the submitted form. Please check your values and try again."));
         }
     }
     print $this->_get_view();
 }
 static function required($perm_name, $item)
 {
     // Original code from the required function in modules/gallery/helpers/access.php.
     if (!access::can($perm_name, $item)) {
         if ($perm_name == "view") {
             // Treat as if the item didn't exist, don't leak any information.
             throw new Kohana_404_Exception();
         } else {
             access::forbidden();
         }
         // Begin rWatcher modifications.
         //   Throw a 404 error when a user attempts to access a protected item,
         //   unless the password has been provided, or the user is the item's owner.
     } elseif (module::get_var("albumpassword", "hideonly") == false) {
         $item_protected = ORM::factory("albumpassword_idcache")->where("item_id", "=", $item->id)->order_by("cache_id")->find_all();
         if (count($item_protected) > 0) {
             $existing_password = ORM::factory("items_albumpassword")->where("id", "=", $item_protected[0]->password_id)->find();
             if ($existing_password->loaded()) {
                 if (cookie::get("g3_albumpassword") != $existing_password->password && identity::active_user()->id != $item->owner_id && !identity::active_user()->admin) {
                     throw new Kohana_404_Exception();
                 }
             }
         }
     }
 }
Beispiel #29
0
 public function random($item_id)
 {
     $item = ORM::factory("item", $item_id);
     access::required("view", $item);
     item::set_display_context_callback("Albums_Controller::get_display_context");
     url::redirect($item->abs_url());
 }
Beispiel #30
0
 public function reset_api_key()
 {
     access::verify_csrf();
     rest::reset_access_key();
     message::success(t("Your REST API key has been reset."));
     json::reply(array("result" => "success"));
 }