Esempio n. 1
 /**
  * Upgrade every module, installing the core "gallery" and "user" modules first.
  *
  * From the command line the upgrade runs without an access check and a
  * placeholder HTTP_HOST is set. Over HTTP the caller must be an admin or
  * hold the "can_upgrade" session flag; otherwise access::forbidden() is called.
  */
 public function upgrade()
 {
     $from_cli = php_sapi_name() == "cli";
     if ($from_cli) {
         // @todo this may screw up some module installers, but we don't have a better answer at
         // this time.
         $_SERVER["HTTP_HOST"] = "example.com";
     } elseif (!user::active()->admin && !Session::instance()->get("can_upgrade", false)) {
         access::forbidden();
     }
     // NOTE(review): no CSRF check is visible on the HTTP path although it changes
     // installed module state -- confirm the route is protected elsewhere.

     // Core modules go first.
     module::install("gallery");
     module::install("user");
     // Then every other active module whose code version differs from the installed
     // version. Only "gallery" is skipped here, so "user" is examined again by this loop.
     foreach (module::available() as $id => $module) {
         if ($id != "gallery" && $module->active && $module->code_version != $module->version) {
             module::install($id);
         }
     }
     if ($from_cli) {
         print "Upgrade complete\n";
     } else {
         url::redirect("upgrader?done=1");
     }
 }
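 /**
  * Save the sharephoto admin preferences and redisplay the admin page.
  *
  * Reads the "ShareOptions" checkbox group from POST and stores one boolean
  * per known option ("Icons", "HTMLLinks") as a module variable.
  */
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     $form = $this->_get_admin_form();
     // Figure out which boxes were checked. When no box is checked the group is
     // missing from POST, and a crafted request can send a scalar or sparse keys;
     // anything that is not an array is treated as "nothing checked" instead of
     // being passed to count() and indexed blindly.
     $shareOpts_array = Input::instance()->post("ShareOptions");
     if (!is_array($shareOpts_array)) {
         $shareOpts_array = array();
     }
     $IconsButton = in_array("Icons", $shareOpts_array, true);
     $HTMLLinksButton = in_array("HTMLLinks", $shareOpts_array, true);
     // Save Settings.
     module::set_var("sharephoto", "Icons", $IconsButton);
     module::set_var("sharephoto", "HTMLLinks", $HTMLLinksButton);
     message::success(t("Your Selection Has Been Saved."));
     // Load Admin page.
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_sharephoto.html");
     $view->content->sharephoto_form = $form;
     print $view;
 }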
 /**
  * Process the minislideshow admin form: store each posted setting as a
  * module variable, then redisplay the admin screen with a success message.
  */
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     // Each setting is posted under the same name it is stored under.
     // NOTE(review): the posted values are stored as received; no validation of
     // the form or of individual values is visible here (slideshow_url in
     // particular) -- confirm they are escaped or validated where they are used.
     $setting_names = array(
         "slideshow_url",
         "shuffle",
         "dropshadow",
         "show_title",
         "trans_in_type",
         "trans_out_type",
         "mask",
         "use_full_image",
         "delay",
     );
     foreach ($setting_names as $setting_name) {
         $posted_value = Input::instance()->post($setting_name);
         module::set_var("minislideshow", $setting_name, $posted_value);
     }
     // Display a success message and load the admin screen.
     message::success(t("Your Settings Have Been Saved."));
     $page = new Admin_View("admin.html");
     $page->content = new View("admin_minislideshow.html");
     $page->content->minislideshow_form = $this->_get_admin_form();
     print $page;
 }
 /**
  * Handle the social_share admin form.
  *
  * After the CSRF check, a form that validates has each of its fields copied
  * into the "social_share" module variables, followed by a redirect to the
  * admin page. The form view is printed afterwards, as in every other path.
  */
 public function handler()
 {
     access::verify_csrf();
     $form = $this->_get_form();
     if ($form->validate()) {
         // Form group => fields in that group; each field is stored under its own name.
         $fields_by_group = array(
             "general_settings" => array("general_impage_only"),
             "facebook_share_settings" => array(
                 "facebook_share_enabled",
                 "facebook_share_layout",
                 "facebook_share_link_text",
             ),
             "facebook_like_settings" => array(
                 "facebook_like_enabled",
                 "facebook_like_appId",
                 "facebook_like_adminId",
                 "facebook_like_site_name",
                 "facebook_like_code_type",
                 "facebook_like_show_faces",
                 "facebook_like_send",
                 "facebook_like_action",
                 "facebook_like_layout",
             ),
             "google_settings" => array("google_enabled", "google_size", "google_annotation"),
             "pinterest_settings" => array("pinterest_enabled", "pinterest_count_location"),
             "twitter_settings" => array("twitter_enabled", "twitter_count_location", "twitter_size"),
         );
         // These two are stored with an extra fourth argument of true.
         // NOTE(review): the meaning of that argument is not visible here -- confirm.
         $stored_with_flag = array("facebook_like_show_faces", "facebook_like_send");
         foreach ($fields_by_group as $group_name => $field_names) {
             foreach ($field_names as $field_name) {
                 $field_value = $form->{$group_name}->{$field_name}->value;
                 if (in_array($field_name, $stored_with_flag)) {
                     module::set_var("social_share", $field_name, $field_value, true);
                 } else {
                     module::set_var("social_share", $field_name, $field_value);
                 }
             }
         }
         message::success(t("Your settings have been saved."));
         url::redirect("admin/social_share");
     }
     print $this->_get_view($form);
 }
Esempio n. 5
 /**
  * REST handler: detach an item from a tag.
  *
  * The request URL is resolved into a (tag, item) pair, "edit" permission on
  * the item is required, and the tag is saved after the item is removed from it.
  */
 static function delete($request)
 {
     $resolved = rest::resolve($request->url);
     list($tag, $item) = $resolved;
     // Authorization is checked on the item only; the tag itself is not checked.
     // NOTE(review): presumably rest::resolve() rejects unknown URLs -- confirm.
     access::required("edit", $item);
     $tag->remove($item);
     $tag->save();
 }
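 /**
  * Save the downloadfullsize admin preferences and redisplay the admin page.
  *
  * Stores whether the "fButton" box was checked and, when the keeporiginal
  * module is active, whether "DownloadOriginalImage" was checked.
  */
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     // Figure out which boxes were checked. A group with no box checked is
     // missing from POST, and a crafted request can send a scalar or sparse keys;
     // anything that is not an array counts as "nothing checked" instead of being
     // passed to count() and indexed blindly.
     $dlLinks_array = Input::instance()->post("DownloadLinkOptions");
     if (!is_array($dlLinks_array)) {
         $dlLinks_array = array();
     }
     $fButton = in_array("fButton", $dlLinks_array, true);
     if (module::is_active("keeporiginal")) {
         $keeporiginal_array = Input::instance()->post("DownloadOriginalOptions");
         if (!is_array($keeporiginal_array)) {
             $keeporiginal_array = array();
         }
         $download_original_button = in_array("DownloadOriginalImage", $keeporiginal_array, true);
         module::set_var("downloadfullsize", "DownloadOriginalImage", $download_original_button);
     }
     // Save Settings.
     module::set_var("downloadfullsize", "fButton", $fButton);
     message::success(t("Your Selection Has Been Saved."));
     // Load Admin page.
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_downloadfullsize.html");
     $view->content->downloadlinks_form = $this->_get_admin_form();
     print $view;
 }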
Esempio n. 7
 /**
  * Rename a tag and print a JSON result.
  *
  * The rename form must validate and the new name must not belong to an
  * existing tag. On success the reply carries the admin tags URL, the tag id
  * and the cleaned new name; on failure it carries the rendered form.
  *
  * @param mixed $id id of the tag to rename
  */
 public function rename($id)
 {
     access::verify_csrf();
     $tag = ORM::factory("tag", $id);
     if (!$tag->loaded) {
         kohana::show_404();
     }
     $form = tag::get_rename_form($tag);
     $accepted = $form->validate();
     if ($accepted) {
         $new_name = $form->rename_tag->inputs["name"]->value;
         // Reject a name that another tag already uses.
         $clash = ORM::factory("tag")->where("name", $new_name)->find();
         if ($clash->loaded) {
             $form->rename_tag->inputs["name"]->add_error("in_use", 1);
             $accepted = false;
         }
     }
     if (!$accepted) {
         print json_encode(array("result" => "error", "form" => $form->__toString()));
         return;
     }
     $old_name = $tag->name;
     $tag->name = $new_name;
     $tag->save();
     // NOTE(review): both names are user-supplied and go into the message and the
     // log through t(); whether t() escapes its arguments is not visible here.
     $message = t("Renamed tag %old_name to %new_name", array("old_name" => $old_name, "new_name" => $tag->name));
     message::success($message);
     log::success("tags", $message);
     $reply = array(
         "result" => "success",
         "location" => url::site("admin/tags"),
         "tag_id" => $tag->id,
         "new_tagname" => html::clean($tag->name),
     );
     print json_encode($reply);
 }
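 /**
  * Validate and save the tag cloud options, or redisplay the form with errors.
  *
  * Besides the form's own validation, both colour fields must be exactly
  * "0x" followed by six hexadecimal digits.
  */
 public function edit()
 {
     access::verify_csrf();
     $form = $this->_get_admin_form();
     if ($form->validate()) {
         $options = $form->tag_cloud_options;
         $valid = true;
         // The pattern ends in \z rather than $, because $ also matches just
         // before a trailing newline and would let "0xFFFFFF\n" through into the
         // stored setting. Non-string values are rejected before preg_match().
         foreach (array($options->tagcolor, $options->background_color) as $color_input) {
             $color = $color_input->value;
             if (!is_string($color) || preg_match('/^0x[0-9A-Fa-f]{6}\z/', $color) !== 1) {
                 $color_input->add_error("not_valid", 1);
                 $valid = false;
             }
         }
         if ($valid) {
             module::set_var("tag_cloud", "tagcolor", $options->tagcolor->value);
             module::set_var("tag_cloud", "mouseover", $options->mouseover->value);
             module::set_var("tag_cloud", "background_color", $options->background_color->value);
             module::set_var("tag_cloud", "transparent", $options->transparent->value);
             module::set_var("tag_cloud", "speed", $options->speed->value);
             module::set_var("tag_cloud", "distribution", $options->distribution->value);
             message::success(t("Tag cloud options updated successfully"));
             url::redirect("admin/tag_cloud");
         }
     }
     // Reached when validation failed: show the form again with its errors.
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_tag_cloud.html");
     $view->content->form = $form;
     print $view;
 }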
Esempio n. 9
 /**
  * Create the user module's tables and seed its default groups and accounts.
  *
  * Creates the users, groups and groups_users tables if they do not exist,
  * adds the "Everybody" and "Registered Users" groups, a guest account and an
  * admin account, grants both groups "view" and "view_full" on item 1, and
  * records module version 2 together with a minimum password length of 5.
  */
 static function initialize()
 {
     $db = Database::instance();
     // The `password` column is varchar(64) and `hash` is char(32).
     // NOTE(review): how the password value is transformed before storage is not
     // visible in this method -- confirm it is hashed by the model on save.
     $db->query("CREATE TABLE IF NOT EXISTS {users} (\n                 `id` int(9) NOT NULL auto_increment,\n                 `name` varchar(32) NOT NULL,\n                 `full_name` varchar(255) NOT NULL,\n                 `password` varchar(64) NOT NULL,\n                 `login_count` int(10) unsigned NOT NULL DEFAULT 0,\n                 `last_login` int(10) unsigned NOT NULL DEFAULT 0,\n                 `email` varchar(64) default NULL,\n                 `admin` BOOLEAN default 0,\n                 `guest` BOOLEAN default 0,\n                 `hash` char(32) default NULL,\n                 `url` varchar(255) default NULL,\n                 `locale` char(10) default NULL,\n                 PRIMARY KEY (`id`),\n                 UNIQUE KEY(`hash`),\n                 UNIQUE KEY(`name`))\n               DEFAULT CHARSET=utf8;");
     $db->query("CREATE TABLE IF NOT EXISTS {groups} (\n                 `id` int(9) NOT NULL auto_increment,\n                 `name` char(64) default NULL,\n                 `special` BOOLEAN default 0,\n                 PRIMARY KEY (`id`),\n                 UNIQUE KEY(`name`))\n               DEFAULT CHARSET=utf8;");
     $db->query("CREATE TABLE IF NOT EXISTS {groups_users} (\n                 `group_id` int(9) NOT NULL,\n                 `user_id` int(9) NOT NULL,\n                 PRIMARY KEY (`group_id`, `user_id`),\n                 UNIQUE KEY(`user_id`, `group_id`))\n               DEFAULT CHARSET=utf8;");
     // Two groups flagged as "special".
     $everybody = ORM::factory("group");
     $everybody->name = "Everybody";
     $everybody->special = true;
     $everybody->save();
     $registered = ORM::factory("group");
     $registered->name = "Registered Users";
     $registered->special = true;
     $registered->save();
     // Guest account with an empty password value.
     $guest = ORM::factory("user");
     $guest->name = "guest";
     $guest->full_name = "Guest User";
     $guest->password = "";
     $guest->guest = true;
     $guest->save();
     // Administrator account with fixed, install-time credentials.
     // NOTE(review): the password and e-mail literals below look masked in this
     // listing. Whatever the real values are, they are constants shared by every
     // install, so the administrator should be made to change them after setup.
     $admin = ORM::factory("user");
     $admin->name = "admin";
     $admin->full_name = "Gallery Administrator";
     $admin->password = "******";
     $admin->email = "*****@*****.**";
     $admin->admin = true;
     $admin->save();
     // Both groups may view item 1 and its full-size version.
     $root = ORM::factory("item", 1);
     access::allow($everybody, "view", $root);
     access::allow($everybody, "view_full", $root);
     access::allow($registered, "view", $root);
     access::allow($registered, "view_full", $root);
     module::set_version("user", 2);
     // The variable name is spelled "mininum" here; readers of this setting have
     // to use the same spelling.
     module::set_var("user", "mininum_password_length", 5);
 }
Esempio n. 10
 /**
  * Build the "batch_tag" sidebar block for an album the user can edit.
  *
  * Returns nothing when the current item is missing, is not an album, or is
  * not editable by the user; returns an empty string for any other block id;
  * otherwise returns the populated Block.
  */
 static function get($block_id, $theme)
 {
     // Only display on album pages that the user can edit.
     $item = $theme->item();
     $editable_album = $item && $item->is_album() && access::can("edit", $item);
     if (!$editable_album) {
         return;
     }
     if ($block_id != "batch_tag") {
         return "";
     }
     // Make a new sidebar block.
     $sidebar_block = new Block();
     $sidebar_block->css_id = "g-batch-tag";
     $sidebar_block->title = t("Batch Tag");
     $sidebar_block->content = new View("batchtag_block.html");
     // Make a new form to place in the sidebar block.
     $form = new Forge("batchtag/tagitems", "", "post", array("id" => "g-batch-tag-form"));
     $label = t("Tag everything in this album:");
     $group = $form->group("add_tag")->label("Add Tag");
     $group->input("name")->label($label)->rules("required|length[1,64]");
     $group->checkbox("tag_subitems")->label(t("Include sub-albums?"))->value(true)->checked(false);
     // The album id travels in a hidden field, so the receiving controller has to
     // re-check edit permission on whatever id is posted back.
     $group->hidden("item_id")->value($item->id);
     $group->submit("")->value(t("Add Tag"));
     $sidebar_block->content->batch_tag_form = $form;
     return $sidebar_block;
 }
Esempio n. 11
 /**
  * Rename a tag in place, or split it when a comma-separated list is given.
  *
  * The first name in the list becomes the tag's new name; any remaining names
  * are handed to _copy_items_for_tags(). Replies with JSON in both outcomes.
  *
  * @param mixed $id id of the tag to rename
  */
 public function rename($id)
 {
     access::verify_csrf();
     $tag = ORM::factory("tag", $id);
     if (!$tag->loaded()) {
         throw new Kohana_404_Exception();
     }
     $in_place_edit = InPlaceEdit::factory($tag->name)->action("admin/tags/rename/{$tag->id}")->rules(array("required", "length[1,64]"));
     if (!$in_place_edit->validate()) {
         json::reply(array("result" => "error", "form" => (string) $in_place_edit->render()));
         return;
     }
     $old_name = $tag->name;
     $new_name_or_list = $in_place_edit->value();
     // NOTE(review): the length rule applies to the whole submitted string; the
     // individual names are neither trimmed nor re-validated after the split, so
     // a leading comma produces an empty first name.
     $remaining_names = explode(",", $new_name_or_list);
     $tag->name = array_shift($remaining_names);
     $tag->save();
     // NOTE(review): user-supplied names are placed inside <i> markup; whether
     // t() escapes its arguments is not visible here -- confirm.
     if (empty($remaining_names)) {
         $message = t("Renamed tag <i>%old_name</i> to <i>%new_name</i>", array("old_name" => $old_name, "new_name" => $tag->name));
     } else {
         $this->_copy_items_for_tags($tag, $remaining_names);
         $message = t("Split tag <i>%old_name</i> into <i>%tag_list</i>", array("old_name" => $old_name, "tag_list" => $new_name_or_list));
     }
     message::success($message);
     log::success("tags", $message);
     json::reply(array("result" => "success", "location" => url::site("admin/tags")));
 }
 /**
  * Add a "Caption album" link to the options menu when the current item is
  * an album the user may edit.
  */
 static function site_menu($menu, $theme)
 {
     $item = $theme->item();
     if (!$item || !$item->is_album() || !access::can("edit", $item)) {
         return;
     }
     $options_menu = $menu->get("options_menu");
     $dialog_url = url::site("captionator/dialog/{$item->id}");
     $caption_link = Menu::factory("link")
         ->id("captionator")
         ->label(t("Caption album"))
         ->css_id("g-menu-captionator-link")
         ->url($dialog_url);
     $options_menu->append($caption_link);
 }
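 /**
  * Add an "Embed Video" dialog entry to the add menu when there is a current
  * item and the user holds "add" permission on it.
  */
 static function site_menu($menu, $theme)
 {
     $item = $theme->item();
     // The original assigned the result to a local inside the condition and never
     // read it again; the permission test itself is unchanged.
     if ($item && access::can("add", $item)) {
         $menu->get("add_menu")->append(Menu::factory("dialog")->id("embed_add")->label(t("Embed Video"))->url(url::site("form/add/embedded_videos/{$item->id}")));
     }
 }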
Esempio n. 14
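 /**
  * Save the iptc admin preferences.
  *
  * For every key returned by iptc::keys() a boolean "show_<key>" module
  * variable records whether the matching checkbox was ticked. Redirects to the
  * admin page on success and redisplays the form with errors otherwise.
  */
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     // Make sure the user filled out the form properly.
     $form = $this->_get_admin_form();
     if ($form->validate()) {
         // A leftover debugging call used to dump the whole form object to the
         // log at "error" level on every successful save, which copied everything
         // the form holds into the log files. It has been removed.

         // Save settings to Gallery's database.
         foreach (iptc::keys() as $keyword => $iptcvar) {
             // Look for the keyword among the submitted values instead of
             // counting the form element object and indexing its value blindly.
             $checked_values = $form->Global->{$keyword}->value;
             $checkbox = is_array($checked_values) && in_array((string) $keyword, $checked_values, true);
             module::set_var("iptc", "show_" . $keyword, $checkbox);
         }
         // Display a success message and redirect back to the iptc admin page.
         message::success(t("Your settings have been saved."));
         url::redirect("admin/iptc");
     }
     // Else show the page with errors
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_iptc.html");
     $view->content->iptc_form = $form;
     print $view;
 }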
 /**
  * Store the posted "value" as the given variable of the given module and
  * reply with a JSON success result.
  *
  * @param string $module_name module that owns the variable
  * @param string $var_name    name of the variable to overwrite
  */
 public function save($module_name, $var_name)
 {
     access::verify_csrf();
     // NOTE(review): the module name, variable name and value are all taken from
     // the request without an allow-list, so any module variable can be
     // overwritten by whoever may call this -- presumably admins only; confirm.
     $new_value = Input::instance()->post("value");
     module::set_var($module_name, $var_name, $new_value);
     $confirmation = t("Saved value for %var (%module_name)", array("var" => $var_name, "module_name" => $module_name));
     message::success($confirmation);
     $reply = array("result" => "success");
     json::reply($reply);
 }
 /**
  * Add a "Download Album" link to the album menu when the user holds
  * "view_full" permission on the theme's current item.
  */
 static function album_menu($menu, $theme)
 {
     if (!access::can("view_full", $theme->item)) {
         return;
     }
     // The menu entry is only a convenience; the download route it points at
     // still has to enforce the permission itself.
     $downloadLink = url::site("downloadalbum/zip/{$theme->item->id}");
     $entry = Menu::factory("link")
         ->id("downloadalbum")
         ->label(t("Download Album"))
         ->url($downloadLink)
         ->css_id("g-download-album-link");
     $menu->append($entry);
 }
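 /**
  * Save the tag_albums admin preferences.
  *
  * Text and select fields are stored as submitted; the three checkbox fields
  * (tag_index_scope, tag_index_filter_top, tag_index_filter_bottom) are stored
  * as the number of ticked entries. Redirects on success and redisplays the
  * form with errors otherwise.
  */
 public function saveprefs()
 {
     // Prevent Cross Site Request Forgery
     access::verify_csrf();
     $form = $this->_get_admin_form();
     if ($form->validate()) {
         // A leftover debugging call used to dump the whole form object to the
         // log at "error" level on every successful save; it has been removed.
         $tag_sort = $form->Tag_Albums_Tag_Sort;
         $item_sort = $form->Tag_Albums_Tag_Item_Sort;
         module::set_var("tag_albums", "tag_page_title", $tag_sort->tag_page_title->value);
         module::set_var("tag_albums", "tag_index", $tag_sort->tag_index->value);
         // An unticked checkbox can yield a non-array value, which count() does
         // not accept on current PHP versions; the cast keeps arrays as they are
         // and turns null into an empty list.
         module::set_var("tag_albums", "tag_index_scope", count((array) $tag_sort->tag_index_scope->value));
         module::set_var("tag_albums", "tag_index_filter_top", count((array) $tag_sort->tag_index_filter_top->value));
         module::set_var("tag_albums", "tag_index_filter_bottom", count((array) $tag_sort->tag_index_filter_bottom->value));
         module::set_var("tag_albums", "tag_sort_by", $tag_sort->tag_sort_by->value);
         module::set_var("tag_albums", "tag_sort_direction", $tag_sort->tag_sort_direction->value);
         module::set_var("tag_albums", "subalbum_sort_by", $item_sort->subalbum_sort_by->value);
         module::set_var("tag_albums", "subalbum_sort_direction", $item_sort->subalbum_sort_direction->value);
         message::success(t("Your settings have been saved."));
         url::redirect("admin/tag_albums");
     }
     // Else show the page with errors
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_tag_albums.html");
     $view->content->tag_albums_form = $form;
     print $view;
 }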
Esempio n. 18
 /**
  * Install the user module when its recorded version is 0.
  *
  * Creates the users, groups and groups_users tables, the "Everybody" and
  * "Registered Users" groups, a guest account and an admin account, makes the
  * admin the owner of every item that has no owner, records module version 1,
  * and grants both groups "view" and "view_full" on item 1. Does nothing for
  * any other recorded version.
  */
 static function install()
 {
     $db = Database::instance();
     $version = module::get_version("user");
     if ($version == 0) {
         $db->query("CREATE TABLE IF NOT EXISTS {users} (\n                   `id` int(9) NOT NULL auto_increment,\n                   `name` varchar(32) NOT NULL,\n                   `full_name` varchar(255) NOT NULL,\n                   `password` varchar(64) NOT NULL,\n                   `login_count` int(10) unsigned NOT NULL DEFAULT 0,\n                   `last_login` int(10) unsigned NOT NULL DEFAULT 0,\n                   `email` varchar(64) default NULL,\n                   `admin` BOOLEAN default 0,\n                   `guest` BOOLEAN default 0,\n                   `hash` char(32) default NULL,\n                   `url` varchar(255) default NULL,\n                   `locale` char(10) default NULL,\n                   PRIMARY KEY (`id`),\n                   UNIQUE KEY(`hash`),\n                   UNIQUE KEY(`name`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $db->query("CREATE TABLE IF NOT EXISTS {groups} (\n                   `id` int(9) NOT NULL auto_increment,\n                   `name` char(64) default NULL,\n                   `special` BOOLEAN default 0,\n                   PRIMARY KEY (`id`),\n                   UNIQUE KEY(`name`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $db->query("CREATE TABLE IF NOT EXISTS {groups_users} (\n                   `group_id` int(9) NOT NULL,\n                   `user_id` int(9) NOT NULL,\n                   PRIMARY KEY (`group_id`, `user_id`),\n                   UNIQUE KEY(`user_id`, `group_id`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         // Two groups flagged as "special".
         $everybody = group::create("Everybody");
         $everybody->special = true;
         $everybody->save();
         $registered = group::create("Registered Users");
         $registered->special = true;
         $registered->save();
         // Guest account: created with an empty third argument and taken out of
         // the "Registered Users" group.
         $guest = user::create("guest", "Guest User", "");
         $guest->guest = true;
         $guest->remove($registered);
         $guest->save();
         // NOTE(review): the third argument is presumably the password, which
         // would make "admin"/"admin" the administrator login on every fresh
         // install. Require a password change (or generate a random one) before
         // the site is reachable by anyone else.
         $admin = user::create("admin", "Gallery Administrator", "admin");
         $admin->admin = true;
         $admin->save();
         // Let the admin own everything
         $db->update("items", array("owner_id" => $admin->id), array("owner_id" => "IS NULL"));
         module::set_version("user", 1);
         // Both groups may view item 1 and its full-size version.
         $root = ORM::factory("item", 1);
         access::allow($everybody, "view", $root);
         access::allow($everybody, "view_full", $root);
         access::allow($registered, "view", $root);
         access::allow($registered, "view_full", $root);
     }
 }
Esempio n. 19
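 /**
  * Activate and deactivate modules according to the posted checkboxes.
  *
  * Locked modules are skipped. Every other module is compared with its posted
  * value (1 means "wanted"); modules that change state are deactivated, or
  * installed and activated. The collected changes are sent with the
  * "module_change" event before redirecting to the module admin page.
  */
 public function save()
 {
     access::verify_csrf();
     // The change set has to be a real object before properties are assigned;
     // writing properties on an undefined variable is an error on current PHP.
     $changes = new stdClass();
     $changes->activate = array();
     $changes->deactivate = array();
     $activated_names = array();
     $deactivated_names = array();
     foreach (module::available() as $module_name => $info) {
         if ($info->locked) {
             continue;
         }
         $desired = $this->input->post($module_name) == 1;
         if ($info->active && !$desired && module::is_active($module_name)) {
             $changes->deactivate[] = $module_name;
             $deactivated_names[] = $info->name;
             module::deactivate($module_name);
         } elseif (!$info->active && $desired && !module::is_active($module_name)) {
             $changes->activate[] = $module_name;
             $activated_names[] = $info->name;
             module::install($module_name);
             module::activate($module_name);
         }
     }
     module::event("module_change", $changes);
     // @todo this type of collation is questionable from a i18n perspective
     if ($activated_names) {
         message::success(t("Activated: %names", array("names" => join(", ", $activated_names))));
     }
     if ($deactivated_names) {
         message::success(t("Deactivated: %names", array("names" => join(", ", $deactivated_names))));
     }
     url::redirect("admin/modules");
 }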
Esempio n. 20
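 /**
  * Save the captions posted for the items of an album.
  *
  * Requires "edit" permission on the album and, separately, on every item that
  * is changed. For each posted item id the title, description, file name and
  * slug are updated; when the tag module is active the item's tags are
  * replaced by the posted comma-separated list. Always redirects to the album.
  *
  * @param mixed $album_id id of the album whose items are being captioned
  */
 function save($album_id)
 {
     access::verify_csrf();
     $album = ORM::factory("item", $album_id);
     access::required("edit", $album);
     $input = Input::instance();
     if ($input->post("save")) {
         // Every field is expected as an array keyed by item id. A missing or
         // scalar field becomes an empty array so a malformed request cannot
         // break array_keys() or write null into an item.
         $posted = array();
         foreach (array("title", "description", "filename", "internetaddress", "tags") as $field) {
             $value = $input->post($field);
             $posted[$field] = is_array($value) ? $value : array();
         }
         $enable_tags = module::is_active("tag");
         foreach (array_keys($posted["title"]) as $id) {
             // The ids come from the request, so permission is checked per item
             // and not only on the album.
             $item = ORM::factory("item", $id);
             if (!$item->loaded() || !access::can("edit", $item)) {
                 continue;
             }
             // Skip rows that do not carry all four caption fields.
             if (!isset($posted["description"][$id], $posted["filename"][$id], $posted["internetaddress"][$id])) {
                 continue;
             }
             $item->title = $posted["title"][$id];
             $item->description = $posted["description"][$id];
             $item->name = $posted["filename"][$id];
             $item->slug = $posted["internetaddress"][$id];
             $item->save();
             // Tags are replaced only when a tag list was actually submitted for
             // this item.
             if ($enable_tags && isset($posted["tags"][$id]) && is_string($posted["tags"][$id])) {
                 tag::clear_all($item);
                 foreach (explode(",", $posted["tags"][$id]) as $tag_name) {
                     // Trim before testing, so a blank entry is dropped and a
                     // tag named "0" is kept.
                     $tag_name = trim($tag_name);
                     if ($tag_name !== "") {
                         tag::add($item, $tag_name);
                     }
                 }
                 tag::compact();
             }
         }
         message::success(t("Captions saved"));
     }
     url::redirect($album->abs_url());
 }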
Esempio n. 21
 /**
  * Print the edit form for a user account.
  *
  * Only the active user may edit their own account, and never the guest
  * account; anything else ends in access::forbidden().
  */
 public function _form_edit($user)
 {
     $editing_own_account = !$user->guest && $user->id == user::active()->id;
     if (!$editing_own_account) {
         access::forbidden();
     }
     $edit_form = user::get_edit_form($user);
     print $edit_form;
 }
Esempio n. 22
 /**
  * Allow, deny or reset one permission for one group on one item.
  *
  * The caller needs "view" and "edit" on the item. Commands other than
  * "allow", "deny" and "reset" change nothing. If the change leaves the active
  * user without "edit" on the item, the permission is allowed again for the group.
  */
 function change($command, $group_id, $perm_id, $item_id)
 {
     access::verify_csrf();
     $group = identity::lookup_group($group_id);
     $perm = ORM::factory("permission", $perm_id);
     $item = ORM::factory("item", $item_id);
     // Both checks run before the item is known to be loaded.
     access::required("view", $item);
     access::required("edit", $item);
     if (empty($group) || !$perm->loaded() || !$item->loaded()) {
         return;
     }
     if ($command == "allow") {
         access::allow($group, $perm->name, $item);
     } elseif ($command == "deny") {
         access::deny($group, $perm->name, $item);
     } elseif ($command == "reset") {
         access::reset($group, $perm->name, $item);
     }
     // If the active user just took away their own edit permissions, give it back.
     // NOTE(review): the permission is restored for the group named in the
     // request, which is not necessarily a group the active user belongs to.
     $lost_own_edit = $perm->name == "edit" && !access::user_can(identity::active_user(), "edit", $item);
     if ($lost_own_edit) {
         access::allow($group, $perm->name, $item);
     }
 }
Esempio n. 23
 /**
  * Dispatch an admin request to "Admin_<name>_Controller".
  *
  * Re-authentication checks run first. POST requests must pass the CSRF check.
  * "index" maps to the dashboard controller; the first remaining argument
  * names the method (default "index"), and a missing method raises a 404.
  */
 public function __call($controller_name, $args)
 {
     if (Input::instance()->get("reauth_check")) {
         return self::_reauth_check();
     }
     if (auth::must_reauth_for_admin_area()) {
         return self::_prompt_for_reauth($controller_name, $args);
     }
     // CSRF is enforced here for POST only; handlers reached by other request
     // methods are not covered by this check.
     if (request::method() == "post") {
         access::verify_csrf();
     }
     $target = $controller_name == "index" ? "dashboard" : $controller_name;
     $class_name = "Admin_{$target}_Controller";
     $method = $args ? array_shift($args) : "index";
     // NOTE(review): method_exists() is the only filter on the method name, which
     // presumably comes from the request. It does not distinguish action methods
     // from helper methods such as underscore-prefixed ones -- consider an
     // explicit check.
     if (!method_exists($class_name, $method)) {
         throw new Kohana_404_Exception();
     }
     $handler = array(new $class_name(), $method);
     call_user_func_array($handler, $args);
 }
Esempio n. 24
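 /**
  * Save the theme options form.
  *
  * Stores the page size, header and footer text and the credits flag. When
  * the thumbnail or resize size changed, the matching graphics rule is
  * replaced before the new size is stored. An invalid form is shown again.
  */
 public function save()
 {
     access::verify_csrf();
     $form = theme::get_edit_form_admin();
     if (!$form->validate()) {
         $view = new Admin_View("admin.html");
         $view->content = $form;
         print $view;
         return;
     }
     $settings = $form->edit_theme;
     module::set_var("gallery", "page_size", $settings->page_size->value);
     // Thumbnails and resizes follow the same steps, so they share one loop. The
     // two "dirty" flags the original set and never read have been dropped.
     foreach (array("thumb", "resize") as $target) {
         $size_var = "{$target}_size";
         $size = $settings->{$size_var}->value;
         if (module::get_var("gallery", $size_var) != $size) {
             graphics::remove_rule("gallery", $target, "gallery_graphics::resize");
             graphics::add_rule("gallery", $target, "gallery_graphics::resize", array("width" => $size, "height" => $size, "master" => Image::AUTO), 100);
             module::set_var("gallery", $size_var, $size);
         }
     }
     // NOTE(review): header and footer text are stored as submitted; confirm they
     // are purified or escaped where the theme prints them.
     module::set_var("gallery", "header_text", $settings->header_text->value);
     module::set_var("gallery", "footer_text", $settings->footer_text->value);
     module::set_var("gallery", "show_credits", $settings->show_credits->value);
     message::success(t("Updated theme details"));
     url::redirect("admin/theme_options");
 }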
Esempio n. 25
 /**
  * Build the data for the "latest" or "album" feed.
  *
  * Returns an object with items, max_pages, title and description, or nothing
  * for any other feed id. The album feed requires "view" on the item.
  *
  * @param string $feed_id "latest" or "album"
  * @param int    $offset  first row to return
  * @param int    $limit   page size, also the divisor for max_pages
  * @param mixed  $id      item id, used by the album feed
  */
 static function feed($feed_id, $offset, $limit, $id)
 {
     // NOTE(review): $limit is used as a divisor below; presumably callers never
     // pass 0 -- confirm.
     $feed = new stdClass();
     if ($feed_id == "latest") {
         $feed->items = ORM::factory("item")->viewable()->where("type", "<>", "album")->order_by("created", "DESC")->find_all($limit, $offset);
         $all_items = ORM::factory("item")->viewable()->where("type", "<>", "album")->order_by("created", "DESC");
         $total = $all_items->find_all()->count();
         $feed->max_pages = ceil($total / $limit);
         $feed->title = t("%site_title - Recent updates", array("site_title" => item::root()->title));
         $feed->description = t("Recent updates");
         return $feed;
     }
     if ($feed_id == "album") {
         $item = ORM::factory("item", $id);
         access::required("view", $item);
         $photos_only = array(array("type", "=", "photo"));
         $feed->items = $item->viewable()->descendants($limit, $offset, $photos_only);
         $feed->max_pages = ceil($item->viewable()->descendants_count($photos_only) / $limit);
         // The root title is purified directly; the other titles on this page go
         // through t(). NOTE(review): whether t() escapes its arguments is not
         // visible here -- confirm.
         if ($item->id == item::root()->id) {
             $feed->title = html::purify($item->title);
         } else {
             $feed->title = t("%site_title - %item_title", array("site_title" => item::root()->title, "item_title" => $item->title));
         }
         $feed->description = nl2br(html::purify($item->description));
         return $feed;
     }
 }
Esempio n. 26
 /**
  * Return the "add tag" form for an item.
  *
  * The caller must hold both "view" and "edit" on the item.
  *
  * @param mixed $item_id id of the item to tag
  */
 public function _form_add($item_id)
 {
     $item = ORM::factory("item", $item_id);
     // "view" is checked first.
     foreach (array("view", "edit") as $needed_permission) {
         access::required($needed_permission, $item);
     }
     $add_form = tag::get_add_form($item);
     return $add_form;
 }
 /**
  * Show the strip_exif admin page and, on POST, save its settings.
  *
  * An empty tag list turns the matching "remove" flag off and restores the
  * default tag list. The view is printed at the end of every path.
  */
 public function index()
 {
     $form = $this->_get_form();
     if (request::method() == "post") {
         access::verify_csrf();
         if (!$form->validate()) {
             message::error(t("There was a problem with the submitted form. Please check your values and try again."));
         } else {
             // NOTE(review): the values are read from $_POST and not from the
             // validated form object. "exiv_path" looks like the path of an
             // external program -- confirm it is validated before any use in a
             // command line.
             module::set_var("strip_exif", "exiv_path", $_POST['exiv_path']);

             $has_exif_tags = $_POST['exif_tags'] != "";
             $exif_remove = false;
             if ($has_exif_tags && isset($_POST['exif_remove'])) {
                 $exif_remove = $_POST['exif_remove'];
             }
             module::set_var("strip_exif", "exif_remove", $exif_remove);
             module::set_var("strip_exif", "exif_tags", $has_exif_tags ? $_POST['exif_tags'] : self::$defExifTags);

             $has_iptc_tags = $_POST['iptc_tags'] != "";
             $iptc_remove = false;
             if ($has_iptc_tags && isset($_POST['iptc_remove'])) {
                 $iptc_remove = $_POST['iptc_remove'];
             }
             module::set_var("strip_exif", "iptc_remove", $iptc_remove);
             module::set_var("strip_exif", "iptc_tags", $has_iptc_tags ? $_POST['iptc_tags'] : self::$defIptcTags);

             if (isset($_POST['verbose'])) {
                 module::set_var("strip_exif", "verbose", $_POST['verbose']);
             }
             message::success(t("Settings have been saved"));
             url::redirect("admin/strip_exif");
         }
     }
     print $this->_get_view();
 }
Esempio n. 28
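 /**
  * Require a permission on an item, with album-password protection on top.
  *
  * Without the permission, "view" raises a 404 (so the item's existence is not
  * revealed) and any other permission ends in access::forbidden(). With the
  * permission, and unless the "hideonly" setting is on, a password-protected
  * item raises a 404 unless the password cookie matches, or the active user
  * owns the item or is an admin.
  *
  * @throws Kohana_404_Exception
  */
 static function required($perm_name, $item)
 {
     // Original code from the required function in modules/gallery/helpers/access.php.
     if (!access::can($perm_name, $item)) {
         if ($perm_name == "view") {
             // Treat as if the item didn't exist, don't leak any information.
             throw new Kohana_404_Exception();
         } else {
             access::forbidden();
         }
         // Begin rWatcher modifications.
         //   Throw a 404 error when a user attempts to access a protected item,
         //   unless the password has been provided, or the user is the item's owner.
     } elseif (module::get_var("albumpassword", "hideonly") == false) {
         $item_protected = ORM::factory("albumpassword_idcache")->where("item_id", "=", $item->id)->order_by("cache_id")->find_all();
         if (count($item_protected) > 0) {
             $existing_password = ORM::factory("items_albumpassword")->where("id", "=", $item_protected[0]->password_id)->find();
             if ($existing_password->loaded()) {
                 // Compare the secret as exact strings. The loose != used before
                 // treats numeric-looking strings as numbers, so two different
                 // values could compare equal. hash_equals() also keeps the
                 // comparison time independent of where the strings differ.
                 $supplied = cookie::get("g3_albumpassword");
                 if (!is_string($supplied)) {
                     $supplied = "";
                 }
                 $expected = (string) $existing_password->password;
                 $password_ok = function_exists("hash_equals")
                     ? hash_equals($expected, $supplied)
                     : $expected === $supplied;
                 // NOTE(review): the cookie is compared directly with the stored
                 // value, so both hold the password in the same form. If that is
                 // the plain password, consider storing a hash and issuing a
                 // per-session token instead.
                 if (!$password_ok && identity::active_user()->id != $item->owner_id && !identity::active_user()->admin) {
                     throw new Kohana_404_Exception();
                 }
             }
         }
     }
 }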
Esempio n. 29
 /**
  * Redirect to an item's page after registering the album display context.
  *
  * The caller must hold "view" on the item.
  *
  * @param mixed $item_id id of the item to show
  */
 public function random($item_id)
 {
     $item = ORM::factory("item", $item_id);
     // The permission check precedes the redirect, so the URL of an item the
     // caller cannot view is never sent back.
     access::required("view", $item);
     item::set_display_context_callback("Albums_Controller::get_display_context");
     $destination = $item->abs_url();
     url::redirect($destination);
 }
Esempio n. 30
 /**
  * Reset the REST API access key and reply with a JSON success result.
  *
  * The CSRF check comes first, so another site cannot trigger the reset on
  * behalf of a logged-in user.
  */
 public function reset_api_key()
 {
     access::verify_csrf();
     rest::reset_access_key();
     $notice = t("Your REST API key has been reset.");
     message::success($notice);
     $reply = array("result" => "success");
     json::reply($reply);
 }