[Linpha-cvs] SF.net SVN: linpha: [4472] trunk/linpha2
Status: Inactive
Brought to you by:
bzrudi
From: <fan...@us...> - 2006-04-02 12:52:07
|
Revision: 4472 Author: fangehrn Date: 2006-04-02 05:51:42 -0700 (Sun, 02 Apr 2006) ViewCVS: http://svn.sourceforge.net/linpha/?rev=4472&view=rev Log Message: ----------- * added integrity check (checks album, tmp and cache folder) Modified Paths: -------------- trunk/linpha2/ChangeLog trunk/linpha2/admin/image_fields_select.php trunk/linpha2/index.php trunk/linpha2/lib/classes/linpha.class.php trunk/linpha2/lib/classes/linpha.imgview.class.php trunk/linpha2/lib/include/common.php trunk/linpha2/linpha2.specs.txt Added Paths: ----------- trunk/linpha2/docs/ trunk/linpha2/docs/dev/ trunk/linpha2/lib/include/integrity.php Modified: trunk/linpha2/ChangeLog =================================================================== --- trunk/linpha2/ChangeLog 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/ChangeLog 2006-04-02 12:51:42 UTC (rev 4472) @@ -1,3 +1,6 @@ +2006-04-02 flo + * added integrity check (checks album, tmp and cache folder) + 2006-04-01 flo * update several folder paths -> it should now work if you specify an other album dir than ./albums Modified: trunk/linpha2/admin/image_fields_select.php =================================================================== --- trunk/linpha2/admin/image_fields_select.php 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/admin/image_fields_select.php 2006-04-02 12:51:42 UTC (rev 4472) @@ -8,6 +8,7 @@ $array_menu = Array( 'image' => Array('name' => 'Image', 'link' => 'imagefields_select_image'), + 'thumb' => Array('name' => 'Thumbnail', 'link' => 'imagefields_select_thumb'), 'video' => Array('name' => 'Video', 'link' => 'imagefields_select_video'), 'album' => Array('name' => 'Album', 'link' => 'imagefields_select_album') ); @@ -159,11 +160,16 @@ </form> <?php break; -case 'video': -?> +case 'thumb': -<?php + break; + +case 'video': + ?> + + <?php + break; } ?> Modified: trunk/linpha2/index.php =================================================================== --- trunk/linpha2/index.php 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/index.php 2006-04-02 12:51:42 UTC (rev 4472) @@ -9,6 +9,8 @@ include_once(LINPHA_DIR.'/lib/classes/linpha.class.php'); $linpha = new linpha(); $linpha->sql->startSession(); + + include_once(LINPHA_DIR.'/lib/include/integrity.php'); if(!isset($_GET['cat'])) { Modified: trunk/linpha2/lib/classes/linpha.class.php =================================================================== --- trunk/linpha2/lib/classes/linpha.class.php 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/lib/classes/linpha.class.php 2006-04-02 12:51:42 UTC (rev 4472) @@ -22,7 +22,7 @@ * This is the base class which needs to be included. It takes care of * including a number of class files and sets up basic things. */ -if(!defined('LINPHA_DIR')) { define('LINPHA_DIR','../..'); } +if(!defined('LINPHA_DIR')) { exit(1); } /** * installation check Modified: trunk/linpha2/lib/classes/linpha.imgview.class.php =================================================================== --- trunk/linpha2/lib/classes/linpha.imgview.class.php 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/lib/classes/linpha.imgview.class.php 2006-04-02 12:51:42 UTC (rev 4472) @@ -161,6 +161,9 @@ $this->filterPhotosNotPermitted(); $this->setMenu(); + if(isset($_GET['admin_cmd'])) { + $this->adminCommands(); + } /** * set mode specific things @@ -364,7 +367,28 @@ } } +/** + * method for special admin commands, like rotating images, import stuff etc. + * @uses LinImgView::buildImgView() + */ +function adminCommands() +{ + switch($_GET['admin_cmd']) + { + case 'recreate': + LinImage::createThumbnail($this->id_current,$this->img_type,$force=true); + break; + case 'rotate_left': + case 'rotate_right': + break; + } +} + + + + + /** * define thumbnail view */ @@ -676,6 +700,11 @@ } + + + + + /** * setup comment view */ @@ -716,7 +745,6 @@ $GLOBALS['linpha']->template->output['comment'] = $GLOBALS['linpha']->db->GetRow("SELECT id, time, author, comment FROM ".PREFIX."meta_comments"); } - /** * setup image view */ Modified: trunk/linpha2/lib/include/common.php =================================================================== --- trunk/linpha2/lib/include/common.php 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/lib/include/common.php 2006-04-02 12:51:42 UTC (rev 4472) @@ -2,57 +2,59 @@ if(!defined('LINPHA_DIR')) { exit(1); } /** -* This file removes the magic quotes -* always include this file with *include_once* to prevent multiple remove of magic quotes! -* -* Magic-quotes was added to reduce code written by beginners from being dangerous. -* If you disable magic quotes, you must be very careful -* to protect yourself from SQL injection attacks. -* For details see http://www.php.net/manual/en/function.get-magic-quotes-gpc.php -* -* @author flo -*/ - -/** -* Disabling magic quotes at runtime -* for example fread() -*/ -set_magic_quotes_runtime(0); - -/** -* Remove magic quotes for get, post and cookie data -* We can't disable it, because we are already too late -* It could also be done with a directive in a .htaccess file -* (php_value magic_quotes_gpc 0) -*/ -if (get_magic_quotes_gpc()) { - function stripslashes_deep($value) - { - $value = is_array($value) ? - array_map('stripslashes_deep', $value) : - stripslashes($value); - - return $value; - } + * Magic Quotes stuff + */ + /** + * always include this file with *include_once* to prevent multiple remove of magic quotes! + * + * Magic-quotes was added to reduce code written by beginners from being dangerous. + * If you disable magic quotes, you must be very careful + * to protect yourself from SQL injection attacks. + * For details see http://www.php.net/manual/en/function.get-magic-quotes-gpc.php + * + * @author flo + */ - $_POST = array_map('stripslashes_deep', $_POST); - $_GET = array_map('stripslashes_deep', $_GET); - $_COOKIE = array_map('stripslashes_deep', $_COOKIE); - $_REQUEST = array_map('stripslashes_deep', $_REQUEST); + /** + * Disabling magic quotes at runtime + * for example fread() + */ + set_magic_quotes_runtime(0); /** - * http://php3.de/manual/de/features.file-upload.php - * Note that with magic_quotes_gpc on, the uploaded filename - * has backslashes added *but the tmp_name does not*. - * On Windows where the tmp_name path includes backslashes, - * you *must not* run stripslashes() on the tmp_name, - * so keep that in mind when de-magic_quotes-izing your input. - * - * -> do not stripslashes on whole array, but only on $_FILES[*]['name'] + * Remove magic quotes for get, post and cookie data + * We can't disable it, because we are already too late + * It could also be done with a directive in a .htaccess file + * (php_value magic_quotes_gpc 0) */ - foreach($_FILES AS $key=>$value) - { - $_FILES[$key]['name'] = stripslashes($_FILES[$key]['name']); + if (get_magic_quotes_gpc()) { + function stripslashes_deep($value) + { + $value = is_array($value) ? + array_map('stripslashes_deep', $value) : + stripslashes($value); + + return $value; + } + + $_POST = array_map('stripslashes_deep', $_POST); + $_GET = array_map('stripslashes_deep', $_GET); + $_COOKIE = array_map('stripslashes_deep', $_COOKIE); + $_REQUEST = array_map('stripslashes_deep', $_REQUEST); + + /** + * http://php3.de/manual/de/features.file-upload.php + * Note that with magic_quotes_gpc on, the uploaded filename + * has backslashes added *but the tmp_name does not*. + * On Windows where the tmp_name path includes backslashes, + * you *must not* run stripslashes() on the tmp_name, + * so keep that in mind when de-magic_quotes-izing your input. + * + * -> do not stripslashes on whole array, but only on $_FILES[*]['name'] + */ + foreach($_FILES AS $key=>$value) + { + $_FILES[$key]['name'] = stripslashes($_FILES[$key]['name']); + } } -} ?> Added: trunk/linpha2/lib/include/integrity.php =================================================================== --- trunk/linpha2/lib/include/integrity.php (rev 0) +++ trunk/linpha2/lib/include/integrity.php 2006-04-02 12:51:42 UTC (rev 4472) @@ -0,0 +1,81 @@ +<?php +/* +* Copyright (c) 2006 Heiko Rutenbeck <bz...@tu...> +* Florian Angehrn +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License +* along with this program; if not, write to the Free Software +* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/** + * This is the base class which needs to be included. It takes care of + * including a number of class files and sets up basic things. + */ +if(!defined('LINPHA_DIR')) { exit(1); } + +try +{ +/** + * check folders + */ + /** + * album folder + */ + $dir = LinSql::getPath('album'); + if( ! file_exists($dir) ) + { + throw new Exception(i18n("Directoy Not Existing").": ".i18n("Album").": ".$dir); + } + + if( ! is_readable($dir) ) + { + throw new Exception(i18n("Directoy Not Readable").": ".i18n("Album").": ".$dir); + } + + /** + * tmp folder + */ + $dir = LinSql::getPath('tmp'); + if( ! file_exists($dir) ) + { + throw new Exception(i18n("Directoy Not Existing").": ".i18n("Temp").": ".$dir); + } + + if( ! is_writable($dir) ) + { + throw new Exception(i18n("Directoy Not Writable").": ".i18n("Temp").": ".$dir); + } + + /** + * cache folder + */ + $dir = LinSql::getPath('cache'); + if( ! file_exists($dir) ) + { + throw new Exception(i18n("Directoy Not Existing").": ".i18n("Cache").": ".$dir); + } + + if( ! is_writable($dir) ) + { + throw new Exception(i18n("Directoy Not Writable").": ".i18n("Cache").": ".$dir); + } + + +} +catch(Exception $error) +{ + die("Error: ".$error -> getMessage()); +} + +?> \ No newline at end of file Modified: trunk/linpha2/linpha2.specs.txt =================================================================== --- trunk/linpha2/linpha2.specs.txt 2006-04-01 17:49:00 UTC (rev 4471) +++ trunk/linpha2/linpha2.specs.txt 2006-04-02 12:51:42 UTC (rev 4472) @@ -115,147 +115,7 @@ - change perms to rwx owner and rwx group after install 770 for these folders -Part 6: Database Design -============================================================================== -tables ------- -? linpha_lin_photos -? linpha_lin_config -? linpha_lin_counter_stats - -? linpha_perm_issions -linpha_perm_users -linpha_perm_groups - -linpha_meta_comments -linpha_meta_category -linpha_meta_exif -linpha_meta_iptc -linpha_meta_fields -linpha_meta_data - -linpha_plugins -linpha_plugins_log -linpha_plugins_guestbook -linpha_plugins_stats -linpha_plugins_mail_list -linpha_plugins_photo_cache - - - -linpha_config -------------- -User are able to have their own config settings - -CREATE TABLE `linpha_config` ( - `ID` int NOT NULL auto_increment, - `option_name` varchar(100) NOT NULL default '', - `option_value` varchar(100) NOT NULL default '', - `userid` int default '0', - `user_override` int default '0' - ) - -userid: - if userid = 0 => system setting - - -override: - 0: no possible (paths etc.) - 1: admin may choose (not changeable by user) - 2: admin may choose (changeable by user) - - - Config Structure - - sys_db_* Database settings - sys_path_* Folder path settings - sys_im_* Imagemagick and GDlib settings - sys_style_* Layout, style, etc. (should be change...) - sys_lang_* Language settings - sys_import_* Import/add new folders/files - - Plugins: - wm_* Plugin watermark - gb_* Plugin Guestbook - log_* Plugin Logger - ... - - -linpha_meta_fields ------------------- - id - name - field_type - 1 => 'text', - 2 => 'select', - 3 => 'date' - flags - 1 => special fields, fields which cannot be filled: filename, imagesize, dimension - 5 => builtin enabled, description, category, persons, date - 6 => builtin disabled, - 7 => own enabled, - 8 => own disabled, - 10 => image fields selected, fields selected in image info - 11 => video fields selected, fields selected in video info - 12 => album fields selected, fields selected in album info - - -Part 11. image infos (exif/iptc/etc.) -=========================================================================== -- meta data of images/albums - i'm thinking about a very complex meta info system - user can enable/disable info box (like the box we have already with videos) - which would appear next to an image - user can define elements which appear in this box - example: - -------------------------------- - | Filename: 0001_img.jpg | - | Imagetype: JPEG | - | Resolution: 1600x1200 | - | ---------------------------- | - | Exif | - | Date: 23.02.2006 | - | Time: 12:20 | - | ---------------------------- | - | Iptc | - | Description: blabla | - | other Iptc fields | - | ---------------------------- | - | User defined fields | - | (stored in db) | - | Description: blabla | - | Categories: Holidays | - | Persons: me, he, she | - | Place: Switzerland | - | Comments: comment 1 | - | comment 2 | - -------------------------------- - - admin can choose which elements appear in this box - admin can create new user defined fields - (text fields, selects, checkbox) - - it doesn't matter if it is a folder or a file - both is possible - - on file base, store md5sum - on album base, store id/path ? - then it should also be possible to inherit fields from - an album to the images - example: if an album has the category Holidays, and if we search - for Holidays, all images in this album should be shown - (but what to do with subfolders?) - - - ability to define own image fields (low priority) - types: - 1 = text - 2 = select - 3 = select multiple - 4 = date - /* edit bzrudi */ - Yes, I agree - all of the above should be possible for power users - Part 12. main menu ============================================================================ - use a css only menu? This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |