/**
* Kohana 2.4 introduces a new connection parameter. If it's not specified, make sure that we
* define it here to avoid an error later on.
*
* @todo: add an upgrade path to modify var/database.php so that we can avoid doing this at
* runtime.
*/
protected function __construct(array $config)
{
if (!isset($config["connection"]["params"])) {
$config["connection"]["params"] = null;
}
parent::__construct($config);
if (gallery::show_profiler()) {
$this->config['benchmark'] = true;
}
}
static function reply($data = array())
{
Session::instance()->abort_save();
header("X-Gallery-API-Version: " . rest::API_VERSION);
switch (Input::instance()->get("output", "json")) {
case "json":
json::reply($data);
break;
case "jsonp":
if (!($callback = Input::instance()->get("callback", ""))) {
throw new Rest_Exception("Bad Request", 400, array("errors" => array("callback" => "missing")));
}
if (preg_match('/^[$A-Za-z_][0-9A-Za-z_]*$/', $callback) == 1) {
header("Content-type: application/javascript; charset=UTF-8");
print "{$callback}(" . json_encode($data) . ")";
} else {
throw new Rest_Exception("Bad Request", 400, array("errors" => array("callback" => "invalid")));
}
break;
case "html":
header("Content-type: text/html; charset=UTF-8");
if ($data) {
$html = preg_replace("#([\\w]+?://[\\w]+[^ \\'\"\n\r\t<]*)#ise", "'<a href=\"\\1\" >\\1</a>'", var_export($data, 1));
} else {
$html = t("Empty response");
}
print "<pre>{$html}</pre>";
if (gallery::show_profiler()) {
Profiler::enable();
$profiler = new Profiler();
$profiler->render();
}
break;
default:
throw new Rest_Exception("Bad Request", 400);
}
}
static function admin_page_bottom($theme)
{
$session = Session::instance();
if (gallery::show_profiler()) {
Profiler::enable();
$profiler = new Profiler();
$profiler->render();
}
// Redirect to the root album when the admin session expires.
$content = '<script type="text/javascript">
var adminReauthCheck = function() {
$.ajax({url: "' . url::site("admin?reauth_check=1") . '",
dataType: "json",
success: function(data){
if ("location" in data) {
document.location = data.location;
}
}});
};
setInterval("adminReauthCheck();", 60 * 1000);
</script>';
if (upgrade_checker::should_auto_check()) {
$content .= '<script type="text/javascript">
$.ajax({url: "' . url::site("admin/upgrade_checker/check_now?csrf=" . access::csrf_token()) . '"});
</script>';
}
if ($session->get("l10n_mode", false)) {
$content .= "\n" . L10n_Client_Controller::l10n_form();
}
return $content;
}
public function __call($function, $args)
{
// Force zlib compression off. Image and movie files are already compressed and
// recompressing them is CPU intensive.
if (ini_get("zlib.output_compression")) {
ini_set("zlib.output_compression", "Off");
}
// request_uri: gallery3/var/albums/foo/bar.jpg?m=1234
$request_uri = rawurldecode(Input::instance()->server("REQUEST_URI"));
// get rid of query parameters
// request_uri: gallery3/var/albums/foo/bar.jpg
$request_uri = preg_replace("/\\?.*/", "", $request_uri);
// var_uri: gallery3/var/
$var_uri = url::file("var/");
// Make sure that the request is for a file inside var
$offset = strpos(rawurldecode($request_uri), $var_uri);
if ($offset !== 0) {
$e = new Kohana_404_Exception();
$e->test_fail_code = 1;
throw $e;
}
// file_uri: albums/foo/bar.jpg
$file_uri = substr($request_uri, strlen($var_uri));
// type: albums
// path: foo/bar.jpg
list($type, $path) = explode("/", $file_uri, 2);
if ($type != "resizes" && $type != "albums" && $type != "thumbs") {
$e = new Kohana_404_Exception();
$e->test_fail_code = 2;
throw $e;
}
// Get the item model using the path and type (which corresponds to a var subdir)
$item = item::find_by_path($path, $type);
if (!$item->loaded()) {
$e = new Kohana_404_Exception();
$e->test_fail_code = 3;
throw $e;
}
// Make sure we have access to the item
if (!access::can("view", $item)) {
$e = new Kohana_404_Exception();
$e->test_fail_code = 4;
throw $e;
}
// Make sure we have view_full access to the original
if ($type == "albums" && !access::can("view_full", $item)) {
$e = new Kohana_404_Exception();
$e->test_fail_code = 5;
throw $e;
}
// Don't try to load a directory
if ($type == "albums" && $item->is_album()) {
$e = new Kohana_404_Exception();
$e->test_fail_code = 6;
throw $e;
}
// Note: this code is roughly duplicated in data_rest, so if you modify this, please look to
// see if you should make the same change there as well.
if ($type == "albums") {
$file = $item->file_path();
} else {
if ($type == "resizes") {
$file = $item->resize_path();
} else {
$file = $item->thumb_path();
}
}
if (!file_exists($file)) {
$e = new Kohana_404_Exception();
$e->test_fail_code = 7;
throw $e;
}
if (gallery::show_profiler()) {
Profiler::enable();
$profiler = new Profiler();
$profiler->render();
exit;
}
header("Content-Length: " . filesize($file));
header("Pragma:");
// Check that the content hasn't expired or it wasn't changed since cached
expires::check(2592000, $item->updated);
// We don't need to save the session for this request
Session::instance()->abort_save();
expires::set(2592000, $item->updated);
// 30 days
// Dump out the image. If the item is a movie or album, then its thumbnail will be a JPG.
if (($item->is_movie() || $item->is_album()) && $type == "thumbs") {
header("Content-Type: image/jpeg");
} else {
header("Content-Type: {$item->mime_type}");
}
if (TEST_MODE) {
return $file;
} else {
// Don't use Kohana::close_buffers(false) here because that only closes all the buffers
// that Kohana started. We want to close *all* buffers at this point because otherwise we're
// going to buffer up whatever file we're proxying (and it may be very large). This may
// affect embedding or systems with PHP's output_buffering enabled.
while (ob_get_level()) {
if (!@ob_end_clean()) {
// ob_end_clean() can return false if the buffer can't be removed for some reason
// (zlib output compression buffers sometimes cause problems).
break;
}
}
readfile($file);
}
}
