public function purify_test()
{
$safe_string = html::purify("hello <p >world</p>");
$expected = method_exists("purifier", "purify") ? "hello <p>world</p>" : "hello <p >world</p>";
$this->assert_equal($expected, $safe_string->unescaped());
$this->assert_true($safe_string instanceof SafeString);
}
public function delete($id)
{
access::verify_csrf();
$item = model_cache::get("item", $id);
access::required("view", $item);
access::required("edit", $item);
if ($item->is_album()) {
$msg = t("Deleted album <b>%title</b>", array("title" => html::purify($item->title)));
} else {
$msg = t("Deleted photo <b>%title</b>", array("title" => html::purify($item->title)));
}
$parent = $item->parent();
if ($item->is_album()) {
// Album delete will trigger deletes for all children. Do this in a batch so that we can be
// smart about notifications, album cover updates, etc.
batch::start();
$item->delete();
batch::stop();
} else {
$item->delete();
}
message::success($msg);
$from_id = Input::instance()->get("from_id");
if (Input::instance()->get("page_type") == "collection" && $from_id != $id) {
json::reply(array("result" => "success", "reload" => 1));
} else {
json::reply(array("result" => "success", "location" => $parent->url()));
}
}
public function save()
{
access::verify_csrf();
$form = $this->_get_edit_form_admin();
if ($form->validate()) {
module::set_var("gallery", "page_size", $form->edit_theme->page_size->value);
$thumb_size = $form->edit_theme->thumb_size->value;
if (module::get_var("gallery", "thumb_size") != $thumb_size) {
graphics::remove_rule("gallery", "thumb", "gallery_graphics::resize");
graphics::add_rule("gallery", "thumb", "gallery_graphics::resize", array("width" => $thumb_size, "height" => $thumb_size, "master" => Image::AUTO), 100);
module::set_var("gallery", "thumb_size", $thumb_size);
}
$resize_size = $form->edit_theme->resize_size->value;
if (module::get_var("gallery", "resize_size") != $resize_size) {
graphics::remove_rule("gallery", "resize", "gallery_graphics::resize");
graphics::add_rule("gallery", "resize", "gallery_graphics::resize", array("width" => $resize_size, "height" => $resize_size, "master" => Image::AUTO), 100);
module::set_var("gallery", "resize_size", $resize_size);
}
module::set_var("gallery", "show_credits", $form->edit_theme->show_credits->value);
// Sanitize values that get placed directly in HTML output by theme.
module::set_var("gallery", "header_text", html::purify($form->edit_theme->header_text->value));
module::set_var("gallery", "footer_text", html::purify($form->edit_theme->footer_text->value));
module::set_var("gallery", "favicon_url", html::purify($form->edit_theme->favicon_url->value));
module::set_var("gallery", "apple_touch_icon_url", html::purify($form->edit_theme->apple_touch_icon_url->value));
module::event("theme_edit_form_completed", $form);
message::success(t("Updated theme details"));
url::redirect("admin/theme_options");
} else {
$view = new Admin_View("admin.html");
$view->content = new View("admin_theme_options.html");
$view->content->form = $form;
print $view;
}
}
/**
* @see REST_Controller::_update($resource)
*/
public function _update($photo)
{
access::verify_csrf();
access::required("view", $photo);
access::required("edit", $photo);
$form = photo::get_edit_form($photo);
if ($valid = $form->validate()) {
if ($form->edit_item->filename->value != $photo->name) {
// Make sure that there's not a conflict
if (Database::instance()->from("items")->where("parent_id", $photo->parent_id)->where("id <>", $photo->id)->where("name", $form->edit_item->filename->value)->count_records()) {
$form->edit_item->filename->add_error("conflict", 1);
$valid = false;
}
}
}
if ($valid) {
$photo->title = $form->edit_item->title->value;
$photo->description = $form->edit_item->description->value;
$photo->rename($form->edit_item->filename->value);
$photo->save();
module::event("item_edit_form_completed", $photo, $form);
log::success("content", "Updated photo", "<a href=\"photos/{$photo->id}\">view</a>");
message::success(t("Saved photo %photo_title", array("photo_title" => html::purify($photo->title))));
print json_encode(array("result" => "success"));
} else {
print json_encode(array("result" => "error", "form" => $form->__toString()));
}
}
public function show($page_name)
{
// Display the page specified by $page_name, or a 404 error if it doesn't exist.
// Run a database search to look up the page.
$existing_page = ORM::factory("px_static_page")->where("name", "=", $page_name)->find_all();
// If it doesn't exist, display a 404 error.
if (count($existing_page) == 0) {
throw new Kohana_404_Exception();
}
// Set up breadcrumbs.
$breadcrumbs = array();
$root = item::root();
$breadcrumbs[] = Breadcrumb::instance($root->title, $root->url())->set_first();
$breadcrumbs[] = Breadcrumb::instance(t($existing_page[0]->title), url::site("pages_xtra/show/{$page_name}"))->set_last();
// Display the page.
$template = new Theme_View("page.html", "other", "Pages");
$template->set_global(array("breadcrumbs" => $breadcrumbs));
// Call database variables into page header (off-page content).
$site_title = module::get_var("pages_xtra", "site_title");
// Next line can be used as alternative to the following line
// $template->page_title = t("Gallery :: ") . t($existing_page[0]->title);
$template->page_title = t($existing_page[0]->title) . t(" :: {$site_title}");
$template->page_tags = $existing_page[0]->tags;
$page_tags = trim(nl2br(html::purify($existing_page[0]->tags)));
$template->page_description = $existing_page[0]->description;
$page_description = trim(nl2br(html::purify($existing_page[0]->description)));
// Set a new View and call database variables into page (on-page content).
$template->content = new View("pages_xtra_display.html");
$template->content->title = $existing_page[0]->title;
$template->content->body = $existing_page[0]->html_code;
print $template;
}
static function feed($feed_id, $offset, $limit, $id)
{
$feed = new stdClass();
switch ($feed_id) {
case "latest":
$feed->items = ORM::factory("item")->viewable()->where("type", "<>", "album")->order_by("created", "DESC")->find_all($limit, $offset);
$all_items = ORM::factory("item")->viewable()->where("type", "<>", "album")->order_by("created", "DESC");
$feed->max_pages = ceil($all_items->find_all()->count() / $limit);
$feed->title = t("%site_title - Recent updates", array("site_title" => item::root()->title));
$feed->description = t("Recent updates");
return $feed;
case "album":
$item = ORM::factory("item", $id);
access::required("view", $item);
$feed->items = $item->viewable()->descendants($limit, $offset, array(array("type", "=", "photo")));
$feed->max_pages = ceil($item->viewable()->descendants_count(array(array("type", "=", "photo"))) / $limit);
if ($item->id == item::root()->id) {
$feed->title = html::purify($item->title);
} else {
$feed->title = t("%site_title - %item_title", array("site_title" => item::root()->title, "item_title" => $item->title));
}
$feed->description = nl2br(html::purify($item->description));
return $feed;
}
}
/**
* Task that rebuilds all dirty images.
* @param Task_Model the task
*/
static function rebuild_dirty_images($task)
{
$errors = array();
try {
$result = graphics::find_dirty_images_query()->select("id")->execute();
$total_count = $task->get("total_count", $result->count());
$mode = $task->get("mode", "init");
if ($mode == "init") {
$task->set("total_count", $total_count);
$task->set("mode", "process");
batch::start();
}
$completed = $task->get("completed", 0);
$ignored = $task->get("ignored", array());
$i = 0;
foreach ($result as $row) {
if (array_key_exists($row->id, $ignored)) {
continue;
}
$item = ORM::factory("item", $row->id);
if ($item->loaded()) {
try {
graphics::generate($item);
$completed++;
$errors[] = t("Successfully rebuilt images for '%title'", array("title" => html::purify($item->title)));
} catch (Exception $e) {
$errors[] = t("Unable to rebuild images for '%title'", array("title" => html::purify($item->title)));
$errors[] = (string) $e;
$ignored[$item->id] = 1;
}
}
if (++$i == 2) {
break;
}
}
$task->status = t2("Updated: 1 image. Total: %total_count.", "Updated: %count images. Total: %total_count.", $completed, array("total_count" => $total_count));
if ($completed < $total_count) {
$task->percent_complete = (int) (100 * ($completed + count($ignored)) / $total_count);
} else {
$task->percent_complete = 100;
}
$task->set("completed", $completed);
$task->set("ignored", $ignored);
if ($task->percent_complete == 100) {
$task->done = true;
$task->state = "success";
batch::stop();
site_status::clear("graphics_dirty");
}
} catch (Exception $e) {
Kohana_Log::add("error", (string) $e);
$task->done = true;
$task->state = "error";
$task->status = $e->getMessage();
$errors[] = (string) $e;
}
if ($errors) {
$task->log($errors);
}
}
/**
* Allows the given item to be displayed again.
*
* @param int $id the item id
*/
public function unstar($id)
{
$item = model_cache::get("item", $id);
$msg = t("Un-starred <b>%title</b> item", array("title" => html::purify($item->title)));
$this->_check_star_permissions($item);
star::unstar($item);
message::success($msg);
json::reply(array("result" => "success", "reload" => 1));
}
/**
* Allows the given item to be displayed again.
*
* @param int $id the item id
*/
public function show($id)
{
$item = model_cache::get("item", $id);
$msg = t("Displayed <b>%title</b> item", array("title" => html::purify($item->title)));
$this->_check_hide_permissions($item);
hide::show($item);
message::success($msg);
json::reply(array("result" => "success", "reload" => 1));
}
public function label($val = NULL)
{
if ($val === NULL) {
if ($label = $this->data['label']) {
return html::purify($this->data['label']);
}
} else {
$this->data['label'] = $val === TRUE ? ucwords(inflector::humanize($this->data['name'])) : $val;
return $this;
}
}
/**
* Task that rebuilds all dirty images.
* @param Task_Model the task
*/
static function rebuild_dirty_images($task)
{
$errors = array();
try {
$result = graphics::find_dirty_images_query();
$completed = $task->get("completed", 0);
$ignored = $task->get("ignored", array());
$remaining = $result->count() - count($ignored);
$i = 0;
foreach ($result as $row) {
if (array_key_exists($row->id, $ignored)) {
continue;
}
$item = ORM::factory("item", $row->id);
if ($item->loaded) {
try {
graphics::generate($item);
$ignored[$item->id] = 1;
$errors[] = t("Successfully rebuilt images for '%title'", array("title" => html::purify($item->title)));
} catch (Exception $e) {
$errors[] = t("Unable to rebuild images for '%title'", array("title" => html::purify($item->title)));
$errors[] = $e->__toString();
}
}
$completed++;
$remaining--;
if (++$i == 2) {
break;
}
}
$task->status = t2("Updated: 1 image. Total: %total_count.", "Updated: %count images. Total: %total_count.", $completed, array("total_count" => $remaining + $completed));
if ($completed + $remaining > 0) {
$task->percent_complete = (int) (100 * $completed / ($completed + $remaining));
} else {
$task->percent_complete = 100;
}
$task->set("completed", $completed);
$task->set("ignored", $ignored);
if ($remaining == 0) {
$task->done = true;
$task->state = "success";
site_status::clear("graphics_dirty");
}
} catch (Exception $e) {
$task->done = true;
$task->state = "error";
$task->status = $e->getMessage();
$errors[] = $e->__toString();
}
if ($errors) {
$task->log($errors);
}
}
public function send($id)
{
access::verify_csrf();
$user = identity::lookup_user($id);
$form = user_profile::get_contact_form($user);
if ($form->validate()) {
Sendmail::factory()->to($user->email)->subject(html::clean($form->message->subject->value))->header("Mime-Version", "1.0")->header("Content-type", "text/html; charset=iso-8859-1")->reply_to($form->message->reply_to->value)->message(html::purify($form->message->message->value))->send();
message::success(t("Sent message to %user_name", array("user_name" => $user->display_name())));
print json_encode(array("result" => "success"));
} else {
print json_encode(array("result" => "error", "form" => (string) $form));
}
}
function watch($id)
{
access::verify_csrf();
$item = ORM::factory("item", $id);
access::required("view", $item);
if (notification::is_watching($item)) {
notification::remove_watch($item);
message::success(sprintf(t("You are no longer watching %s"), html::purify($item->title)));
} else {
notification::add_watch($item);
message::success(sprintf(t("You are now watching %s"), html::purify($item->title)));
}
url::redirect($item->abs_url());
}
static function site_menu($menu, $theme)
{
// Add menu options for Adding / Removing / Using passwords to the menu.
// If this page doesn't belong to an item, don't display the menu.
if (!$theme->item()) {
return;
}
$item = $theme->item();
// If there isn't currently a password stored in the cookie,
// then display the enter password link.
if (cookie::get("g3_albumpassword") == "") {
$menu->append(Menu::factory("dialog")->id("albumpassword_login")->css_id("g-album-password-login")->url(url::site("albumpassword/login"))->label(t("Unlock albums")));
} else {
// If a password has been entered already
// display the log out link, and links to the protected albums
$menu->append(Menu::factory("submenu")->id("albumpassword_protected")->css_id("g-album-password-protected")->label(t("Protected albums")));
$menu->get("albumpassword_protected")->append(Menu::factory("link")->id("albumpassword_logout")->css_id("g-album-password-logout")->url(url::site("albumpassword/logout"))->label(t("Clear password")));
$existing_password = "";
if (cookie::get("g3_albumpassword_id") != "") {
$existing_password = ORM::factory("items_albumpassword")->where("password", "=", cookie::get("g3_albumpassword"))->where("id", "=", cookie::get("g3_albumpassword_id"))->find_all();
} else {
$existing_password = ORM::factory("items_albumpassword")->where("password", "=", cookie::get("g3_albumpassword"))->find_all();
}
if (count($existing_password) > 0) {
$counter = 0;
while ($counter < count($existing_password)) {
$item_album = ORM::factory("item")->where("id", "=", $existing_password[$counter]->album_id)->find();
$menu->get("albumpassword_protected")->append(Menu::factory("link")->id("albumpassword_album" . $counter)->label(html::purify($item_album->title))->css_id("g-album-password-album" . $counter)->url(url::abs_site("{$item_album->type}s/{$item_album->id}")));
$counter++;
}
}
}
// If this is an album without a password, display a link for assigning one.
// If this is an album with a password, display a link to remove it.
if ($item->is_album()) {
if (access::can("view", $item) && access::can("edit", $item)) {
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $item->id)->find_all();
if (count($existing_password) > 0) {
$menu->get("options_menu")->append(Menu::factory("link")->id("albumpassword_remove")->label(t("Remove password"))->css_id("g-album-password-remove")->url(url::site("albumpassword/remove/" . $item->id)));
} elseif ($item->id != 1) {
$passworded_subitems = ORM::factory("item", $item->id)->and_open()->join("albumpassword_idcaches", "items.id", "albumpassword_idcaches.item_id", "LEFT OUTER")->where("albumpassword_idcaches.item_id", "IS NOT", NULL)->close()->descendants();
$existing_cacheditem = ORM::factory("albumpassword_idcache")->where("item_id", "=", $item->id)->order_by("cache_id")->find_all();
if (count($existing_cacheditem) == 0 && count($passworded_subitems) == 0) {
$menu->get("options_menu")->append(Menu::factory("dialog")->id("albumpassword_assign")->label(t("Assign password"))->css_id("g-album-password-assign")->url(url::site("albumpassword/assign/" . $item->id)));
}
}
}
}
}
public function send($id)
{
access::verify_csrf();
$user = identity::lookup_user($id);
if (!$this->_can_view_profile_pages($user)) {
throw new Kohana_404_Exception();
}
$form = user_profile::get_contact_form($user);
if ($form->validate()) {
Sendmail::factory()->to($user->email)->subject(html::clean($form->message->subject->value))->header("Mime-Version", "1.0")->header("Content-type", "text/html; charset=UTF-8")->reply_to($form->message->reply_to->value)->message(html::purify($form->message->message->value))->send();
message::success(t("Sent message to %user_name", array("user_name" => $user->display_name())));
json::reply(array("result" => "success"));
} else {
json::reply(array("result" => "error", "html" => (string) $form));
}
}
public function delete($id)
{
access::verify_csrf();
$item = model_cache::get("item", $id);
access::required("view", $item);
access::required("edit", $item);
if ($item->is_album()) {
$msg = t("Deleted album <b>%title</b>", array("title" => html::purify($item->title)));
} else {
$msg = t("Deleted photo <b>%title</b>", array("title" => html::purify($item->title)));
}
$redirect = $item->parent();
// redirect to this item, if current item was deleted
if ($item->is_album()) {
// Album delete will trigger deletes for all children. Do this in a batch so that we can be
// smart about notifications, album cover updates, etc.
batch::start();
$item->delete();
batch::stop();
} else {
$where = array(array("type", "!=", "album"));
// evaluate redirect item before delete of current item
$position = item::get_position($item, $where);
if ($position > 1) {
list($previous_item, $ignore, $next_item) = $item->parent()->viewable()->children(3, $position - 2, $where);
} else {
$previous_item = null;
list($next_item) = $item->parent()->viewable()->children(1, $position, $where);
}
if ($next_item) {
$redirect = $next_item;
} else {
if ($previous_item) {
$redirect = $previous_item;
}
}
$item->delete();
}
message::success($msg);
$from_id = Input::instance()->get("from_id");
if (Input::instance()->get("page_type") == "collection" && $from_id != $id) {
json::reply(array("result" => "success", "reload" => 1));
} else {
json::reply(array("result" => "success", "location" => $redirect->url()));
}
}
function makeselect($album, $level)
{
//print out the list item as a select option
?>
<option value="<?php
echo item::root()->url();
echo $album->relative_url();
?>
"><?php
echo str_repeat(" ", $level);
echo html::purify($album->title);
?>
</option>
<?php
//recurse over the children, and print their list items as well
foreach ($album->viewable()->children(null, null, array(array("type", "=", "album"))) as $child) {
makeselect($child, $level + 1);
}
}
public function print_photo($id)
{
access::verify_csrf();
$item = ORM::factory("item", $id);
access::required("view", $item);
if (access::group_can(identity::everybody(), "view_full", $item)) {
$full_url = $item->file_url(true);
$thumb_url = $item->thumb_url(true);
} else {
$proxy = ORM::factory("digibug_proxy");
$proxy->uuid = random::hash();
$proxy->item_id = $item->id;
$proxy->save();
$full_url = url::abs_site("digibug/print_proxy/full/{$proxy->uuid}/{$item->id}");
$thumb_url = url::abs_site("digibug/print_proxy/thumb/{$proxy->uuid}/{$item->id}");
}
$v = new View("digibug_form.html");
$v->order_params = array("digibug_api_version" => "100", "company_id" => module::get_var("digibug", "company_id"), "event_id" => module::get_var("digibug", "event_id"), "cmd" => "addimg", "partner_code" => "69", "return_url" => url::abs_site("digibug/close_window"), "num_images" => "1", "image_1" => $full_url, "thumb_1" => $thumb_url, "image_height_1" => $item->height, "image_width_1" => $item->width, "thumb_height_1" => $item->thumb_height, "thumb_width_1" => $item->thumb_width, "title_1" => html::purify($item->title));
print $v;
}
static function feed($feed_id, $offset, $limit, $id)
{
switch ($feed_id) {
case "latest":
$feed->children = ORM::factory("item")->viewable()->where("type !=", "album")->orderby("created", "DESC")->find_all($limit, $offset);
$all_children = ORM::factory("item")->viewable()->where("type !=", "album")->orderby("created", "DESC");
$feed->max_pages = ceil($all_children->find_all()->count() / $limit);
$feed->title = t("Recent Updates");
$feed->description = t("Recent Updates");
return $feed;
case "album":
$item = ORM::factory("item", $id);
access::required("view", $item);
$feed->children = $item->viewable()->descendants($limit, $offset, array("type" => "photo"));
$feed->max_pages = ceil($item->viewable()->descendants_count(array("type" => "photo")) / $limit);
$feed->title = html::purify($item->title);
$feed->description = nl2br(html::purify($item->description));
return $feed;
}
}
static function feed($feed_id, $offset, $limit, $id)
{
if ($feed_id != "newest" && $feed_id != "item") {
return;
}
$comments = ORM::factory("comment")->viewable()->where("state", "=", "published")->order_by("created", "DESC");
if ($feed_id == "item") {
$comments->where("item_id", "=", $id);
}
$feed->view = "comment.mrss";
$feed->children = array();
foreach ($comments->find_all($limit, $offset) as $comment) {
$item = $comment->item();
$feed->children[] = new ArrayObject(array("pub_date" => date("D, d M Y H:i:s T", $comment->created), "text" => nl2br(html::purify($comment->text)), "thumb_url" => $item->thumb_url(), "thumb_height" => $item->thumb_height, "thumb_width" => $item->thumb_width, "item_uri" => url::abs_site("{$item->type}s/{$item->id}"), "title" => html::purify($item->title), "author" => html::clean($comment->author_name())), ArrayObject::ARRAY_AS_PROPS);
}
$feed->max_pages = ceil($comments->count_all() / $limit);
$feed->title = htmlspecialchars(t("Recent Comments"));
$feed->uri = url::abs_site("albums/" . (empty($id) ? "1" : $id));
$feed->description = t("Recent comments");
return $feed;
}
public function save($source_id)
{
access::verify_csrf();
$source = ORM::factory("item", $source_id);
$target = ORM::factory("item", Input::instance()->post("target_id"));
access::required("view", $source);
access::required("view", $target);
access::required("edit", $target);
model_cache::clear();
$target->album_cover_item_id = $source->is_album() ? $source->album_cover_item_id : $source->id;
$target->thumb_dirty = 1;
$target->save();
graphics::generate($target);
$grand_parent = $target->parent();
if ($grand_parent && access::can("edit", $grand_parent) && $grand_parent->album_cover_item_id == null) {
item::make_album_cover($target);
}
$msg = t("Made <b>%title</b> album's cover for <b>%album</b>", array("title" => html::purify($source->title), "album" => html::purify($target->title)));
message::success($msg);
json::reply(array("result" => "success"));
}
static function get($block_id, $theme)
{
$block = "";
switch ($block_id) {
case "metadata":
if ($theme->item()) {
$block = new Block();
$block->css_id = "g-metadata";
$block->title = $theme->item()->is_album() ? t("Album info") : ($theme->item()->is_movie() ? t("Movie info") : t("Photo info"));
$block->content = new View("info_block.html");
if ($theme->item->title && module::get_var("info", "show_title")) {
$info["title"] = array("label" => t("Title:"), "value" => html::purify($theme->item->title));
}
if ($theme->item->description && module::get_var("info", "show_description")) {
$info["description"] = array("label" => t("Description:"), "value" => nl2br(html::purify($theme->item->description)));
}
if (!$theme->item->is_album() && module::get_var("info", "show_name")) {
$info["file_name"] = array("label" => t("File name:"), "value" => html::clean($theme->item->name));
}
if ($theme->item->captured && module::get_var("info", "show_captured")) {
$info["captured"] = array("label" => t("Captured:"), "value" => gallery::date_time($theme->item->captured));
}
if ($theme->item->owner && module::get_var("info", "show_owner")) {
$display_name = $theme->item->owner->display_name();
if ($theme->item->owner->url) {
$info["owner"] = array("label" => t("Owner:"), "value" => html::anchor(html::clean($theme->item->owner->url), html::clean($display_name)));
} else {
$info["owner"] = array("label" => t("Owner:"), "value" => html::clean($display_name));
}
}
if ($theme->item->width && $theme->item->height && module::get_var("info", "show_dimensions")) {
$info["size"] = array("label" => t("Dimensions:"), "value" => t("%width x %height px", array("width" => $theme->item->width, "height" => $theme->item->height)));
}
$block->content->metadata = $info;
module::event("info_block_get_metadata", $block, $theme->item);
}
break;
}
return $block;
}
public function render()
{
// Import base data
$base_data = $this->data;
// Make it an array
$base_data['name'] .= '[]';
// Newline
$nl = "\n";
$checklist = '<ul class="' . arr::remove('class', $base_data) . '">' . $nl;
foreach (arr::remove('options', $base_data) as $val => $opt) {
// New set of input data
$data = $base_data;
// Get the title and checked status
list($title, $checked) = $opt;
// Set the name, value, and checked status
$data['value'] = $val;
$data['checked'] = $checked;
$checklist .= '<li><label>' . form::checkbox($data) . ' ' . html::purify($title) . '</label></li>' . $nl;
}
$checklist .= '</ul>';
return $checklist;
}
static function feed($feed_id, $offset, $limit, $id)
{
if (!comment_rss::feed_visible($feed_id)) {
return;
}
$comments = ORM::factory("comment")->viewable()->where("comments.state", "=", "published")->order_by("comments.created", "DESC");
if ($feed_id == "item") {
$item = ORM::factory("item", $id);
$comments->where("items.left_ptr", ">=", $item->left_ptr)->where("items.right_ptr", "<=", $item->right_ptr);
}
$feed = new stdClass();
$feed->view = "comment.mrss";
$feed->comments = array();
foreach ($comments->find_all($limit, $offset) as $comment) {
$item = $comment->item();
$feed->comments[] = new ArrayObject(array("pub_date" => date("D, d M Y H:i:s O", $comment->created), "text" => nl2br(html::purify($comment->text)), "thumb_url" => $item->thumb_url(), "thumb_height" => $item->thumb_height, "thumb_width" => $item->thumb_width, "item_uri" => url::abs_site("{$item->type}s/{$item->id}"), "title" => $item->id == item::root()->id ? html::purify($item->title) : t("%site_title - %item_title", array("site_title" => item::root()->title, "item_title" => $item->title)), "author" => html::clean($comment->author_name())), ArrayObject::ARRAY_AS_PROPS);
}
$feed->max_pages = ceil($comments->count_all() / $limit);
$feed->title = html::purify(t("%site_title - Recent Comments", array("site_title" => item::root()->title)));
$feed->uri = url::abs_site("albums/" . (empty($id) ? "1" : $id));
$feed->description = t("Recent comments");
return $feed;
}
static function get($block_id, $theme)
{
$block = "";
switch ($block_id) {
case "metadata":
if ($theme->item()) {
$block = new Block();
$block->css_id = "g-metadata";
$block->title = $theme->item()->is_album() ? t("Album info") : t("Photo info");
$block->content = new View("info_block.html");
if ($theme->item->title && module::get_var("info", "show_title")) {
$info["title"] = array("label" => t("Title:"), "value" => html::purify($theme->item->title));
}
if ($theme->item->description && module::get_var("info", "show_description")) {
$info["description"] = array("label" => t("Description:"), "value" => nl2br(html::purify($theme->item->description)));
}
if (!$theme->item->is_album() && module::get_var("info", "show_name")) {
$info["file_name"] = array("label" => t("File name:"), "value" => html::clean($theme->item->name));
}
if ($theme->item->captured && module::get_var("info", "show_captured")) {
$info["captured"] = array("label" => t("Captured:"), "value" => gallery::date_time($theme->item->captured));
}
if ($theme->item->owner && module::get_var("info", "show_owner")) {
$display_name = $theme->item->owner->display_name();
if ($theme->item->owner->url) {
$info["owner"] = array("label" => t("Owner:"), "value" => "<a href=\"{$theme->item->owner->url}\">" . html::clean($display_name) . "</a>");
} else {
$info["owner"] = array("label" => t("Owner:"), "value" => html::clean($display_name));
}
}
$block->content->metadata = $info;
module::event("info_block_get_metadata", $block, $theme->item);
}
break;
}
return $block;
}
public function update($photo_id)
{
access::verify_csrf();
$photo = ORM::factory("item", $photo_id);
access::required("view", $photo);
access::required("edit", $photo);
$form = photo::get_edit_form($photo);
try {
$valid = $form->validate();
$photo->title = $form->edit_item->title->value;
$photo->description = $form->edit_item->description->value;
$photo->slug = $form->edit_item->slug->value;
$photo->name = $form->edit_item->inputs["name"]->value;
$photo->validate();
} catch (ORM_Validation_Exception $e) {
// Translate ORM validation errors into form error messages
foreach ($e->validation->errors() as $key => $error) {
$form->edit_item->inputs[$key]->add_error($error, 1);
}
$valid = false;
}
if ($valid) {
$photo->save();
module::event("item_edit_form_completed", $photo, $form);
log::success("content", "Updated photo", "<a href=\"{$photo->url()}\">view</a>");
message::success(t("Saved photo %photo_title", array("photo_title" => html::purify($photo->title))));
if ($form->from_id->value == $photo->id) {
// Use the new url; it might have changed.
json::reply(array("result" => "success", "location" => $photo->url()));
} else {
// Stay on the same page
json::reply(array("result" => "success"));
}
} else {
json::reply(array("result" => "error", "html" => (string) $form));
}
}
var rearrange_url = "<?php
echo url::site("organize/rearrange/__TARGET_ID__/__BEFORE__?csrf={$csrf}");
?>
";
var sort_order_url = "<?php
echo url::site("organize/sort_order/__ALBUM_ID__/__COL__/__DIR__?csrf={$csrf}");
?>
";
var tree_url = "<?php
echo url::site("organize/tree/__ALBUM_ID__");
?>
";
</script>
<div id="g-organize" class="g-dialog-panel">
<h1 style="display:none"><?php
echo t("Organize %name", array("name" => html::purify($album->title)));
?>
</h1>
<div id="g-organize-content-pane">
<div id="g-organize-tree-container" class="g-left ui-helper-clearfix">
<h3><?php
echo t("Albums");
?>
</h3>
<ul id="g-organize-album-tree">
<?php
echo $album_tree;
?>
</ul>
</div>
<div id="g-organize-detail" class="g-left ui-helper-clearfix">
?>
<?php
echo t("No thumbnail");
?>
<?php
}
?>
</a>
</div>
</div>
<p><?php
echo gallery::date($comment->created);
?>
</p>
<?php
echo nl2br(html::purify($comment->text));
?>
</td>
<td>
<ul class="g-buttonset-vertical">
<?php
if ($comment->state != "unpublished") {
?>
<li>
<a href="javascript:set_state('unpublished',<?php
echo $comment->id;
?>
)"
class="g-button ui-state-default ui-icon-left">
<span class="ui-icon ui-icon-check"></span>
<?php
?>
</a>
</li>
<?php
$i++;
?>
<?php
}
?>
<li class="g-active<?php
if ($i == 0) {
print " g-first";
}
?>
"><?php
echo html::purify($theme->item()->title);
?>
</li>
</ul>
<?php
}
?>
</div>
<div id="bd">
<div id="yui-main">
<div class="yui-b">
<div id="g-content" class="yui-g">
<?php
echo $theme->messages();
?>
<?php
foreach ($album->parents() as $i => $parent) {
?>
<li<?php
if ($i == 0) {
print " class=\"g-first\"";
}
?>
> <?php
echo html::clean($parent->title);
?>
</li>
<?php
}
?>
<li class="g-active"> <?php
echo html::purify($album->title);
?>
</li>
</ul>
</div>
<div id="g-add-photos-canvas">
<button id="g-add-photos-button" class="g-button ui-state-default ui-corner-all" href="#"><?php
echo t("Select photos (%size max per file)...", array("size" => $size_limit));
?>
</button>
<span id="g-uploadify"></span>
</div>
<div id="g-add-photos-status">
<ul id="g-action-status" class="g-message-block">
</ul>