Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge branch 'master' into 3.0.x
  • Loading branch information
bharat committed May 19, 2012
2 parents 64a3989 + a9be069 commit da56a2c
Show file tree
Hide file tree
Showing 10 changed files with 75 additions and 28 deletions.
28 changes: 28 additions & 0 deletions lib/gallery.common.js
Expand Up @@ -222,4 +222,32 @@
});
};

// Augment jQuery autocomplete to expect the first response line to
// be a <meta> tag that protects against UTF-7 attacks.
$.fn.gallery_autocomplete = function(url, options) {
// Drop the first response - it should be a meta tag
options.parse = function(data) {
var parsed = [];
var rows = data.split("\n");
if (rows[0].indexOf("<meta") == -1) {
throw 'Missing <meta> tag in first line of autocomplete response';
}
rows.shift(); // drop <META> tag
for (var i=0; i < rows.length; i++) {
var row = $.trim(rows[i]);
if (row) {
row = row.split("|");
parsed[parsed.length] = {
data: row,
value: row[0],
result: row[0]
};
}
}
return parsed;
};

$(this).autocomplete(url, options);
};

})(jQuery);
2 changes: 1 addition & 1 deletion modules/g2_import/controllers/admin_g2_import.php
Expand Up @@ -113,7 +113,7 @@ public function autocomplete() {
}
}

print implode("\n", $directories);
ajax::response(implode("\n", $directories));
}

private function _get_import_form() {
Expand Down
2 changes: 1 addition & 1 deletion modules/g2_import/views/admin_g2_import.html.php
Expand Up @@ -3,7 +3,7 @@
<?= $theme->script("jquery.autocomplete.js") ?>
<script type="text/javascript">
$("document").ready(function() {
$("form input[name=embed_path]").autocomplete(
$("form input[name=embed_path]").gallery_autocomplete(
"<?= url::site("__ARGS__") ?>".replace("__ARGS__", "admin/g2_import/autocomplete"),
{
max: 256,
Expand Down
31 changes: 31 additions & 0 deletions modules/gallery/helpers/ajax.php
@@ -0,0 +1,31 @@
<?php defined("SYSPATH") or die("No direct script access.");
/**
* Gallery - a web based photo album viewer and editor
* Copyright (C) 2000-2012 Bharat Mediratta
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class ajax_Core {
/**
* Encode an Ajax response so that it's UTF-7 safe.
*
* @param string $message string to print
*/
static function response($content) {
header("Content-Type: text/plain; charset=" . Kohana::CHARSET);
print "<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">\n";
print html::clean($content);
}
}
6 changes: 4 additions & 2 deletions modules/server_add/controllers/admin_server_add.php
Expand Up @@ -71,14 +71,16 @@ public function remove_path() {
}

public function autocomplete() {
$directories = array('<meta http-equiv="content-type" content="text/html; charset=utf-8">');
$directories = array();

$path_prefix = Input::instance()->get("q");
foreach (glob("{$path_prefix}*") as $file) {
if (is_dir($file) && !is_link($file)) {
$directories[] = html::clean($file);
}
}
print implode("\n", $directories);

ajax::response(implode("\n", $directories));
}

private function _get_admin_form() {
Expand Down
19 changes: 1 addition & 18 deletions modules/server_add/views/admin_server_add.html.php
Expand Up @@ -4,28 +4,11 @@
<?= $theme->script("jquery.autocomplete.js") ?>
<script type="text/javascript">
$("document").ready(function() {
$("#g-path").autocomplete(
$("#g-path").gallery_autocomplete(
"<?= url::site("__ARGS__") ?>".replace("__ARGS__", "admin/server_add/autocomplete"),
{
max: 256,
loadingClass: "g-loading-small",
parse: function(data) {
var parsed = [];
var rows = data.split("\n");
rows.shift(); // drop <META> tag
for (var i=0; i < rows.length; i++) {
var row = $.trim(rows[i]);
if (row) {
row = row.split("|");
parsed[parsed.length] = {
data: row,
value: row[0],
result: row[0]
};
}
}
return parsed;
}
});
});
</script>
Expand Down
4 changes: 2 additions & 2 deletions modules/tag/controllers/tags.php
Expand Up @@ -57,9 +57,9 @@ public function autocomplete() {
->limit($limit)
->find_all();
foreach ($tag_list as $tag) {
$tags[] = $tag->name;
$tags[] = html::clean($tag->name);
}

print implode("\n", $tags);
ajax::response(implode("\n", $tags));
}
}
4 changes: 2 additions & 2 deletions modules/tag/helpers/tag_event.php
Expand Up @@ -72,7 +72,7 @@ static function item_edit_form($item, $form) {
$url = url::site("tags/autocomplete");
$form->script("")
->text("$('form input[name=tags]').ready(function() {
$('form input[name=tags]').autocomplete(
$('form input[name=tags]').gallery_autocomplete(
'$url', {max: 30, multiple: true, multipleSeparator: ',', cacheLength: 1});
});");

Expand Down Expand Up @@ -123,7 +123,7 @@ static function add_photos_form($album, $form) {
$autocomplete_url = url::site("tags/autocomplete");
$group->script("")
->text("$('input[name=tags]')
.autocomplete(
.gallery_autocomplete(
'$autocomplete_url',
{max: 30, multiple: true, multipleSeparator: ',', cacheLength: 1}
)
Expand Down
2 changes: 1 addition & 1 deletion modules/tag/views/tag_block.html.php
Expand Up @@ -2,7 +2,7 @@
<script type="text/javascript">
$("#g-add-tag-form").ready(function() {
var url = $("#g-tag-cloud-autocomplete-url").attr("href");
$("#g-add-tag-form input:text").autocomplete(
$("#g-add-tag-form input:text").gallery_autocomplete(
url, {
max: 30,
multiple: true,
Expand Down
5 changes: 4 additions & 1 deletion themes/wind/views/album.html.php
Expand Up @@ -9,9 +9,12 @@
<ul id="g-album-grid" class="ui-helper-clearfix">
<? if (count($children)): ?>
<? foreach ($children as $i => $child): ?>
<? $item_class = "g-photo"; ?>
<? if ($child->is_album()): ?>
<? $item_class = "g-album"; ?>
<? elseif ($child->is_movie()): ?>
<? $item_class = "g-movie"; ?>
<? else: ?>
<? $item_class = "g-photo"; ?>
<? endif ?>
<li id="g-item-id-<?= $child->id ?>" class="g-item <?= $item_class ?>">
<?= $theme->thumb_top($child) ?>
Expand Down

0 comments on commit da56a2c

Please sign in to comment.