[Linpha-cvs] SF.net SVN: linpha: [4664] trunk/linpha2
Status: Inactive
Brought to you by:
bzrudi
Menu
▾
▴
[Linpha-cvs] SF.net SVN: linpha: [4664] trunk/linpha2
|
From: <fan...@us...> - 2006-11-27 06:44:40
|
Revision: 4664
http://svn.sourceforge.net/linpha/?rev=4664&view=rev
Author: fangehrn
Date: 2006-11-26 14:14:38 -0800 (Sun, 26 Nov 2006)
Log Message:
-----------
2006-11-26 flo
* create backup of file while editing iptc data
* added new requirements check in the installer: show a warning if the server does not
support .htaccess files
Modified Paths:
--------------
trunk/linpha2/ChangeLog
trunk/linpha2/docs/dev/TODO.txt
trunk/linpha2/install/lib.install.php
trunk/linpha2/install/lib.requirements.php
trunk/linpha2/install/step2_requirements.php
trunk/linpha2/lib/classes/linpha.filesys.class.php
trunk/linpha2/lib/classes/linpha.functions.php
trunk/linpha2/lib/classes/linpha.imgview.class.php
trunk/linpha2/lib/classes/linpha.import.class.php
trunk/linpha2/lib/classes/linpha.metadata.class.php
trunk/linpha2/lib/classes/pjmt/Photoshop_File_Info.php
Modified: trunk/linpha2/ChangeLog
===================================================================
--- trunk/linpha2/ChangeLog 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/ChangeLog 2006-11-26 22:14:38 UTC (rev 4664)
@@ -1,3 +1,8 @@
+2006-11-26 flo
+ * create backup of file while editing iptc data
+ * added new requirements check in the installer: show a warning if the server does not
+ support .htaccess files
+
2006-11-23 flo
* todo: only save iptc data if we entered some data in the iptc form -- done
* todo: show full exif informations with pjmt/ShowFileInfo.php (provide security!) -- done
Modified: trunk/linpha2/docs/dev/TODO.txt
===================================================================
--- trunk/linpha2/docs/dev/TODO.txt 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/docs/dev/TODO.txt 2006-11-26 22:14:38 UTC (rev 4664)
@@ -6,6 +6,9 @@
## Small Todos
- since the admin pages uses the template system, there is no update of the status during the import
thats not very user friendly
+ -> solution: start import etc. directly from the template file, and not buffer the output with ob_start()
+ and just echo it in the template
+
- escape exif data
- how to handle common language strings like "Successfully updated data.", "Submit", "Access denied", "Check file permissions" ??
@@ -16,6 +19,16 @@
echo LIN_STR_SUBMIT;
?
+- if GDLib is not installed, the rounded corner stuff does not work
+ -> create for each installed theme and/or example in the admin page rounded corners by hand and save them to /lib/graphics
+ -> in roundedcorners.php add a check if function_exists 'imagejpeg' and if not, take them from /lib/graphics
+ -> allow user only to choose colors for which the images in /lib/graphics exists if gdlib is not installed, and add an info why it is limited
+
+- if the /var folder is not protected from outside (allow override in httpd.conf not set, or IIS with no support of .htaccess files)
+ its maybe dangerous to save the linpha logger's log file to /var
+ a hacker could get a list of possible usernames and other private informations!
+ so, what to do? i would like to have the linpha logger enabled by default...
+
## Big Todos
- Installer
@@ -28,16 +41,6 @@
-> otherwise it would be possible to overwrite the current installation, (and to delete cache folders)
- DONT add feature to drop tables if they already exists
-- IPTC/XMP Image fields
- - Read XMP entries
- - Write IPTC/XMP entries
- - UTF-8 support
- - see also
- https://sourceforge.net/forum/message.php?msg_id=3648731
- and
- https://sourceforge.net/forum/message.php?msg_id=3674100
- - wait until new release is done by evan hunter ?
-
- Videos
- Video thumbnail (what about ffmpeg?)
- switch between quicktime and mplayer?
@@ -67,6 +70,17 @@
DONE
====
+
+- IPTC/XMP Image fields
+ - Read XMP entries
+ - Write IPTC/XMP entries
+ - UTF-8 support
+ - see also
+ https://sourceforge.net/forum/message.php?msg_id=3648731
+ and
+ https://sourceforge.net/forum/message.php?msg_id=3674100
+ - wait until new release is done by evan hunter ?
+
- Style
- use relative font sizes instead of aboslute
- style forms this way http://www.cssplay.co.uk/menu/form.html
Modified: trunk/linpha2/install/lib.install.php
===================================================================
--- trunk/linpha2/install/lib.install.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/install/lib.install.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -373,7 +373,39 @@
}
+/**
+ * get a clean path
+ * input: ..//./../dir4//./dir5/dir6/..//dir7/
+ * output: ../../dir4/dir5/dir7/
+ *
+ * the php builtin function realpath does not work if the file does not exists
+ *
+ * thanks to http://ch2.php.net/realpath
+ */
+function installCleanPath($path) {
+ $result = array();
+ // $pathA = preg_split('/[\/\\\]/', $path);
+ $pathA = explode('/', $path);
+ if (!$pathA[0])
+ $result[] = '';
+ foreach ($pathA AS $key => $dir) {
+ if ($dir == '..') {
+ if (end($result) == '..') {
+ $result[] = '..';
+ } elseif (!array_pop($result)) {
+ $result[] = '..';
+ }
+ } elseif ($dir && $dir != '.') {
+ $result[] = $dir;
+ }
+ }
+ if (!end($pathA))
+ $result[] = '';
+ return implode('/', $result);
+}
+
+
function failed_msg()
{
$str = "<font color='red'>";
Modified: trunk/linpha2/install/lib.requirements.php
===================================================================
--- trunk/linpha2/install/lib.requirements.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/install/lib.requirements.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -216,4 +216,55 @@
}
}
+/**
+ * this function checks if the server supports the .htaccess directive to forbid
+ * access to albums and var folder
+ *
+ * @author flo
+ * @uses step2_requirements.php
+ * @package requirements
+ * @return int error number: 1: access forbidden, 2: access possible, 3: unknown
+ * @todo test with other webservers than apache2 (-> apache1, IIS, ..?)
+ */
+function installCheckProtectedFromOutside()
+{
+ $dir = installCleanPath( dirname($_SERVER['PHP_SELF']).'/'.LINPHA_DIR ); // same as LINPHA_CLIENT
+ $dir .= '/albums/';
+ $url = $_SERVER['SERVER_NAME'];
+ $port = $_SERVER['SERVER_PORT'];
+
+ $fp = fsockopen ($url, $port, $errno, $errstr, 5);
+ if (!$fp)
+ {
+ return 3;
+ }
+ else
+ {
+ $get_data = "GET ".$dir." HTTP/1.1\r\nHost: ".$_SERVER['SERVER_NAME']."\r\nConnection: close\r\n\r\n";
+ fputs ($fp, $get_data);
+
+ $string = '';
+ while (!feof($fp))
+ {
+ $string .= fgets($fp,128);
+ }
+ fclose($fp);
+
+ if( preg_match('/^HTTP\/1.1 403 Forbidden/', $string) // string starts with "HTTP/1.1 403 Forbidden"
+ OR strpos($string, 'Error 403')!==false // string contains "Error 403"
+ OR strpos($string, '403 Forbidden') !== false) // string contains "403 Forbidden"
+ {
+ return 1;
+ }
+ elseif( preg_match('/^HTTP\/1.1 200 OK/', $string) ) // string starts with "HTTP/1.1 200 OK"
+ {
+ return 2;
+ }
+ else
+ {
+ return 3;
+ }
+ }
+}
+
?>
\ No newline at end of file
Modified: trunk/linpha2/install/step2_requirements.php
===================================================================
--- trunk/linpha2/install/step2_requirements.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/install/step2_requirements.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -377,7 +377,32 @@
$error = 1;
}
+/**
+ * checking album and var folder are protected from outside
+ */
+ print_line_left("Album And System Folder Protected From Outside");
+
+ $ret = installCheckProtectedFromOutside();
+ if( $ret == 1 )
+ {
+ print_line_middle("Yes");
+ print_line_right(success_msg());
+ print_line_info("The /albums and /var folders are protected from outside. See <a href=\"http://linpha.sourceforge.net/wiki/index.php/Secure_LinPHA\">here</a> for more details.");
+ }
+ elseif( $ret == 2 )
+ {
+ print_line_middle("No");
+ print_line_right(warning_msg());
+ print_line_info("The /albums and /var folders are not protected from outside! Please see <a href=\"http://linpha.sourceforge.net/wiki/index.php/Secure_LinPHA\">here</a> for more details.");
+ }
+ elseif( $ret == 3 )
+ {
+ print_line_middle("Unknown");
+ print_line_right(warning_msg());
+ print_line_info("Cannot determine wether the /albums and /var folders are protected from outside! Please see <a href=\"http://linpha.sourceforge.net/wiki/index.php/Secure_LinPHA\">here</a> for more details.");
+ }
+
/**
* show footer of table requirements
*/
Modified: trunk/linpha2/lib/classes/linpha.filesys.class.php
===================================================================
--- trunk/linpha2/lib/classes/linpha.filesys.class.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/lib/classes/linpha.filesys.class.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -285,6 +285,8 @@
* input: ..//./../dir4//./dir5/dir6/..//dir7/
* output: ../../dir4/dir5/dir7/
*
+ * the php builtin function realpath does not work if the file does not exists
+ *
* thanks to http://ch2.php.net/realpath
*/
function cleanPath($path) {
@@ -309,5 +311,39 @@
return implode('/', $result);
}
+/**
+ * copy a file with a timestamp
+ *
+ * @author flo
+ * @param $filename string path to file to backup
+ * @return bool true if successful, false on failure
+ * @uses LinMetaDataModificate::saveModifiedMetaData()
+ */
+function backupFile($filename)
+{
+ if( !file_exists($filename))
+ {
+ return false;
+ }
+
+ $dirname = dirname($filename);
+ $basename = basename($filename);
+
+ $pos = strrpos($basename,'.');
+ $file_without_ext = substr($basename,0,$pos);
+ $file_ext = substr($basename,$pos+1);
+
+ $timeformat = strftime("%Y%m%d_%H%M%S");
+
+ if( @copy($filename, $dirname.'/.'.$file_without_ext.'_bak_'.$timeformat.'.'.$file_ext) )
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
} // end class LinFile
?>
Modified: trunk/linpha2/lib/classes/linpha.functions.php
===================================================================
--- trunk/linpha2/lib/classes/linpha.functions.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/lib/classes/linpha.functions.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -528,6 +528,7 @@
* login, logout, rotate
* fm_others, fm_upload, fm_delete, fm_move, fm_copy, fm_rename, fm_create_folder, fm_perm
* thumbnail, image
+ * meta_iptc
*
*
* @param string $type log types
@@ -548,9 +549,9 @@
{
switch($type)
{
- case LOG_TYPE_IMPORT: $type_msg = 'IMPORT'; break;
- case LOG_TYPE_UPDATE: $type_msg = 'UPDATE'; break;
- case LOG_TYPE_USER: $type_msg = 'USER'; break;
+ case LOG_TYPE_IMPORT: $type_msg = 'IMPORT '; break;
+ case LOG_TYPE_UPDATE: $type_msg = 'UPDATE '; break;
+ case LOG_TYPE_USER: $type_msg = 'USER '; break;
case LOG_TYPE_DB: $type_msg = 'DATABASE'; break;
case LOG_TYPE_META: $type_msg = 'COMMENTS'; break;
case LOG_TYPE_FILEMANAGER: $type_msg = 'FILEMANAGER'; break;
@@ -563,13 +564,13 @@
switch($severity)
{
case LOG_EMERG: $severity_msg = 'EMERGENCY ERROR'; break;
- case LOG_ALERT: $severity_msg = 'ALERT'; break;
+ case LOG_ALERT: $severity_msg = 'ALERT '; break;
case LOG_CRIT: $severity_msg = 'CRITICAL ERROR'; break;
- case LOG_ERR: $severity_msg = 'ERROR'; break;
+ case LOG_ERR: $severity_msg = 'ERROR '; break;
case LOG_WARNING: $severity_msg = 'WARNING'; break;
- case LOG_NOTICE: $severity_msg = 'NOTICE'; break;
- case LOG_INFO: $severity_msg = 'INFO'; break;
- case LOG_DEBUG: $severity_msg = 'DEBUG'; break;
+ case LOG_NOTICE: $severity_msg = 'NOTICE '; break;
+ case LOG_INFO: $severity_msg = 'INFO '; break;
+ case LOG_DEBUG: $severity_msg = 'DEBUG '; break;
}
/**
@@ -595,14 +596,14 @@
*/
if( !isset($GLOBALS['linpha']->sql->config->value) ) // database not connected!
{
- error_log("$time | $severity_msg | $type_msg | $ip | $user | $text".LIN_NL, 3, LINPHA_DIR.'/var/db_error.log' );
+ error_log("$time | $severity_msg | $type_msg | $ip | $user | $event | $text".LIN_NL, 3, LINPHA_DIR.'/var/db_error.log' );
}
else
{
/**
* filename
*/
- error_log("$time | $severity_msg | $type_msg | $ip | $user | $text".LIN_NL, 3, LinFilesys::getFullPath($GLOBALS['linpha']->sql->config->value['plugins_log_filename']) );
+ error_log("$time | $severity_msg | $type_msg | $ip | $user | $event | $text".LIN_NL, 3, LinFilesys::getFullPath($GLOBALS['linpha']->sql->config->value['plugins_log_filename']) );
/**
* email
@@ -642,7 +643,7 @@
}
}
- syslog($severity, "LinPHA $severity_msg | $type_msg | $ip | $user | $text");
+ syslog($severity, "LinPHA $severity_msg | $type_msg | $ip | $user | $event | $text");
}
}
}
Modified: trunk/linpha2/lib/classes/linpha.imgview.class.php
===================================================================
--- trunk/linpha2/lib/classes/linpha.imgview.class.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/lib/classes/linpha.imgview.class.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -41,7 +41,6 @@
public $tot_photos;
public $photos;
public $photos_filtered;
-public $use_javascript;
public $id_parent, $img_type, $filename, $md5sum, $org_width, $org_height;
private $nr_pages, $current_page; // only used if javascript disabled
private $newCommentAdded = false; // used for ajax
Modified: trunk/linpha2/lib/classes/linpha.import.class.php
===================================================================
--- trunk/linpha2/lib/classes/linpha.import.class.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/lib/classes/linpha.import.class.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -467,6 +467,9 @@
/**
* exif date and exif rotate stuff
* globally turn off using 'sys_import_exif' if having problems with pjmt
+ *
+ * @todo index all exif tags if we already have read the meta data!
+ * but should we also read iptc at this point?
*/
if( $GLOBALS['linpha']->sql->config->value['sys_import_exif'] )
{
Modified: trunk/linpha2/lib/classes/linpha.metadata.class.php
===================================================================
--- trunk/linpha2/lib/classes/linpha.metadata.class.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/lib/classes/linpha.metadata.class.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -790,6 +790,7 @@
if(isset($_POST['linCmd']) && $_POST['linCmd']=='linInsertMetaLinpha')
{
LinMetaDataModificate::saveModifiedMetaDataLinpha();
+ linSysLog( i18n("Successfully updated data.") );
}
/**
@@ -813,18 +814,26 @@
unset($new_ps_file_info_array['linMetaField']);
unset($new_ps_file_info_array['submit']);
- if( LinMetaDataModificate::saveModifiedMetaDataIptc( $new_ps_file_info_array ) )
+ if( LinFilesys::backupFile($GLOBALS['linpha']->imgview->src_file))
{
- /**
- * force read data from file again if write was successful
- */
- unset($new_ps_file_info_array);
- LinImport::updateEntry(
- $GLOBALS['linpha']->template->idCurrent ,
- dirname($GLOBALS['linpha']->imgview->src_file) ,
- basename($GLOBALS['linpha']->imgview->src_file)
- );
+ if( LinMetaDataModificate::saveModifiedMetaDataIptc( $new_ps_file_info_array, $GLOBALS['linpha']->imgview->src_file ) ) // error handling already done
+ {
+ /**
+ * force read data from file again if write was successful
+ */
+ unset($new_ps_file_info_array);
+ LinImport::updateEntry(
+ $GLOBALS['linpha']->template->idCurrent ,
+ dirname($GLOBALS['linpha']->imgview->src_file) ,
+ basename($GLOBALS['linpha']->imgview->src_file)
+ );
+ }
}
+ else
+ {
+ linSysLog( sprintf( i18n("Error: Cannot create backup of: %s"), $GLOBALS['linpha']->imgview->src_file) );
+ linLog( LOG_TYPE_META, LOG_ERR, 'meta_iptc', "Error: Cannot create backup of:" .' '. $GLOBALS['linpha']->imgview->src_file );
+ }
}
}
}
@@ -867,7 +876,7 @@
*
* copied from pjmt/Write_File_Info.php
*/
- function saveModifiedMetaDataIptc( & $new_ps_file_info_array )
+ function saveModifiedMetaDataIptc( & $new_ps_file_info_array, $filename )
{
/** // Turn off Error Reporting
error_reporting ( 0 ); // Change: changed to no reporting - as of version 1.11
@@ -917,7 +926,6 @@
// Change: removed limitation on file being in current directory - as of version 1.11
*
*/
- $filename = $GLOBALS['linpha']->imgview->src_file;
// Retrieve the header information
$jpeg_header_data = get_jpeg_header_data( $filename );
@@ -939,6 +947,7 @@
* echo "Error - Failure update Photoshop File Info : $filename <br>\n";
*/
linSysLog( i18n("Error: Failure update Photoshop File Info:" .' '. $filename) );
+ linLog( LOG_TYPE_META, LOG_ERR, 'meta_iptc', "Error: Failure update Photoshop File Info:" .' '. $filename );
// Output HTML with the form and data which was
// sent, to allow the user to fix it
@@ -962,6 +971,7 @@
* echo "Error - Failure to write new JPEG : $filename <br>\n";
*/
linSysLog( i18n("Error: Failure to write new JPEG:" .' '. $filename) );
+ linLog( LOG_TYPE_META, LOG_ERR, 'meta_iptc', "Error: Failure to write new JPEG:" .' '. $filename );
// Output HTML with the form and data which was
// sent, to allow the user to fix it
@@ -983,6 +993,7 @@
// Output information about new file
linSysLog( i18n("DONE! Updated:" .' '. $filename) );
+ linLog( LOG_TYPE_META, LOG_NOTICE, 'meta_iptc', "Updated:" .' '. $filename );
/**
echo "<h1>DONE! - $filename updated</h1>\n";
echo "<p><a href=\"Example.php?jpeg_fname=$filename\" >View Full Metatdata Information</a></p>\n";
Modified: trunk/linpha2/lib/classes/pjmt/Photoshop_File_Info.php
===================================================================
--- trunk/linpha2/lib/classes/pjmt/Photoshop_File_Info.php 2006-11-23 21:49:17 UTC (rev 4663)
+++ trunk/linpha2/lib/classes/pjmt/Photoshop_File_Info.php 2006-11-26 22:14:38 UTC (rev 4664)
@@ -238,10 +238,13 @@
// Cycle through each Subject value and save them
foreach ( $Item['children'][0]['children'] as $keywords )
{
- if ( ! in_array ( HTML_UTF8_Escape( $keywords['value'] ), $outputarray['keywords']))
+ /**
+ * edited by linpha, flo 25.11.2006: first check if array_key_exists befor in_array statement to prevent php notice
+ */
+ if ( array_key_exists( 'value', $keywords ) )
{
- if ( array_key_exists( 'value', $keywords ) )
- {
+ if ( ! in_array ( HTML_UTF8_Escape( $keywords['value'] ), $outputarray['keywords']))
+ {
$outputarray['keywords'][] = HTML_UTF8_Escape( $keywords['value'] );
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
