Merge pull request #296 from electerious/v2.7.1

v2.7.1
2015-01-26 20:30:47 +01:00 · 2015-01-26 20:30:47 +01:00 · aa4222c9cf
commit aa4222c9cf
parent 38a8e9840b 3db0846c2e
11 changed files with 57 additions and 93 deletions
--- a/dist/main.js
+++ b/dist/main.js
--- a/dist/view.js
+++ b/dist/view.js
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -1,3 +1,15 @@
 ## v2.7.1
 Released January 26, 2015
 - `Improved` auto-login after first installation
 - `Fixed` Disabled import of the medium-folder
 - `Fixed` error when using apostrophes in text #290
 - `Fixed` $medium is now a tinyint like defined in the database structure
 - `Fixed` incorrect height calculation for photos
 - `Fixed` creation of test db #295
 - `Fixed` a warning caused by set_charset #291
 ## v2.7
 Released December 6, 2014
--- a/php/access/Installation.php
+++ b/php/access/Installation.php
@ -17,8 +17,8 @@ class Installation extends Access {
 			case 'dbCreateConfig':	$this->dbCreateConfig(); break;
 			# Error
-			default:					exit('Warning: No configuration!');
+			default:				exit('Warning: No configuration!');
-										return false; break;
+									return false; break;
 		}
--- a/php/api.php
+++ b/php/api.php
@ -54,18 +54,18 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
 	$plugins = new Plugins($plugins, $database, $settings);
 	# Escape
-	foreach(array_keys($_POST) as $key)	$_POST[$key] = mysqli_real_escape_string($database, urldecode($_POST[$key]));
+	foreach(array_keys($_POST) as $key)	$_POST[$key] = urldecode($_POST[$key]);
-	foreach(array_keys($_GET) as $key)	$_GET[$key] = mysqli_real_escape_string($database, urldecode($_GET[$key]));
+	foreach(array_keys($_GET) as $key)	$_GET[$key] = urldecode($_GET[$key]);
 	# Validate parameters
 	if (isset($_POST['albumIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['albumIDs'])!==1)	exit('Error: Wrong parameter type for albumIDs!');
 	if (isset($_POST['photoIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['photoIDs'])!==1)	exit('Error: Wrong parameter type for photoIDs!');
-	if (isset($_POST['albumID'])&&preg_match('/^[0-9sfr]{1,}$/', $_POST['albumID'])!==1)		exit('Error: Wrong parameter type for albumID!');
+	if (isset($_POST['albumID'])&&preg_match('/^[0-9sfr]{1,}$/', $_POST['albumID'])!==1)	exit('Error: Wrong parameter type for albumID!');
 	if (isset($_POST['photoID'])&&preg_match('/^[0-9]{14}$/', $_POST['photoID'])!==1)		exit('Error: Wrong parameter type for photoID!');
 	# Function for switch statement
-	if (isset($_POST['function'])) $fn = $_POST['function'];
+	if (isset($_POST['function']))	$fn = $_POST['function'];
-	else $fn = $_GET['function'];
+	else							$fn = $_GET['function'];
 	if (isset($_SESSION['login'])&&$_SESSION['login']==true) {
--- a/php/modules/Database.php
+++ b/php/modules/Database.php
@ -84,10 +84,9 @@ class Database extends Module {
 		if (!$database->select_db($name)) {
 			# Database doesn't exist
-			# Check if user can create a database
+			# Check if user can create the database
-			$result = $database->query('CREATE DATABASE lychee_dbcheck');
+			$result = Database::createDatabase($database, $name);
-			if (!$result) return 'Warning: Creation failed!';
+			if ($result===false) return 'Warning: Creation failed!';
 			else $database->query('DROP DATABASE lychee_dbcheck');
 		}
@ -131,8 +130,8 @@ if(!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
 		Module::dependencies(isset($database, $name));
 		# Create database
-		$result = $database->query("CREATE DATABASE IF NOT EXISTS $name;");
+		$query	= Database::prepare($database, 'CREATE DATABASE IF NOT EXISTS ?', array($name));
-		$database->select_db($name);
+		$result = $database->query($query);
 		if (!$database->select_db($name)||!$result) return false;
 		return true;
--- a/php/modules/Import.php
+++ b/php/modules/Import.php
@ -57,62 +57,7 @@ class Import extends Module {
 	}
-	/*static function move($database, $path) {
+	static function server($albumID = 0, $path) {
 		# Determine OS type and set move cmd (Windows untested!)
 		$myos = substr(PHP_OS,0,3);
 		$myos = strtoupper($myos);
 		if ($myos==='WIN') $osmv = 'MOVE';
 		else $osmv = 'mv';
 		# Generate tmp dir name by hashing epoch time & random number
 		$tmpdirname = md5(time() . rand());
 		# Make temporary directory
 		if (@mkdir(LYCHEE_DATA . $tmpdirname)===false) {
 			Log::error($database, __METHOD__, __LINE__, 'Failed to create temporary directory');
 			return false;
 		}
 		# Get list of files and move them to tmpdir
 		$files = glob($path . '*');
 		if (isset($files)) {
 			foreach ($files as $file) {
 				# Prevent unsupported files from being moved
 				if (is_dir($file)===false&&@exif_imagetype($file)===false) continue;
 				$out = '';
 				$ret = '';
 				$file = escapeshellarg($file);
 				$cmd = $osmv . " $file " . LYCHEE_DATA . $tmpdirname;
 				@exec($cmd, $out, $ret);
 				if (isset($ret)&&($ret>0)) Log::error($database, __METHOD__, __LINE__, "Failed to move directory or file ($ret):" . $file);
 			}
 		}
 		# If no files could be copied to the temp dir, remove
 		$files = glob(LYCHEE_DATA . $tmpdirname . '/*');
 		if (count($files)===0) {
 			rmdir(LYCHEE_DATA . $tmpdirname);
 			Log::error($database, __METHOD__, __LINE__, 'Import failed, because files could not be temporary moved to ' . LYCHEE_DATA);
 			return false;
 		}
 		# Set new path
 		$path = LYCHEE_DATA . $tmpdirname;
 		return $path;
 	}*/
 	static function server($albumID = 0, $path, $useTemp = false) {
 		global $database, $plugins, $settings;
@ -126,19 +71,13 @@ class Import extends Module {
 		}
 		# Skip folders of Lychee
-		if ($path===LYCHEE_UPLOADS_BIG||($path . '/')===LYCHEE_UPLOADS_BIG||$path===LYCHEE_UPLOADS_THUMB||($path . '/')===LYCHEE_UPLOADS_THUMB) {
+		if ($path===LYCHEE_UPLOADS_BIG||($path . '/')===LYCHEE_UPLOADS_BIG||
-			Log::error($database, __METHOD__, __LINE__, 'Given path is a reserved path of Lychee (' . $path . ')');
+			$path===LYCHEE_UPLOADS_MEDIUM||($path . '/')===LYCHEE_UPLOADS_MEDIUM||
-			return 'Error: Given path is a reserved path of Lychee!';
+			$path===LYCHEE_UPLOADS_THUMB||($path . '/')===LYCHEE_UPLOADS_THUMB) {
 				Log::error($database, __METHOD__, __LINE__, 'The given path is a reserved path of Lychee (' . $path . ')');
 				return 'Error: Given path is a reserved path of Lychee!';
 		}
 		/*if ($useTemp===true) {
 			$path = Import::move($database, $path);
 			if ($path===false) {
 				Log::error($database, __METHOD__, __LINE__, 'Failed to move import to temporary directory');
 				return false;
 			}
 		}*/
 		$error				= false;
 		$contains['photos']	= false;
 		$contains['albums']	= false;
@ -182,7 +121,7 @@ class Import extends Module {
 					continue;
 				}
-				$import = Import::server($newAlbumID, $file . '/', false);
+				$import = Import::server($newAlbumID, $file . '/');
 				if ($import!==true&&$import!=='Notice: Import only contains albums!') {
 					$error = true;
@ -194,11 +133,6 @@ class Import extends Module {
 		}
 		# Delete tmpdir if import was successful
 		/*if ($error===false&&$useTemp===true&&file_exists(LYCHEE_DATA . $tmpdirname)) {
 			if (@rmdir(LYCHEE_DATA . $tmpdirname)===false) Log::error($database, __METHOD__, __LINE__, 'Could not delete temp-folder (' . LYCHEE_DATA . $tmpdirname . ') after successful import');
 		}*/
 		if ($contains['photos']===false&&$contains['albums']===false)	return 'Warning: Folder empty or no readable files to process!';
 		if ($contains['photos']===false&&$contains['albums']===true)	return 'Notice: Import only contains albums!';
 		return true;
--- a/php/modules/Session.php
+++ b/php/modules/Session.php
@ -44,9 +44,13 @@ class Session extends Module {
 		# Path to Lychee for the server-import dialog
 		$return['config']['location'] = LYCHEE;
-		# No login
+		# Check if login credentials exist and login if they don't
-		if ($this->settings['username']===''&&$this->settings['password']==='') $return['config']['login'] = false;
+		if ($this->noLogin()===true) {
-		else $return['config']['login'] = true;
+			$public = false;
 			$return['config']['login'] = false;
 		} else {
 			$return['config']['login'] = true;
 		}
 		if ($public===false) {
@ -109,6 +113,21 @@ class Session extends Module {
 	}
 	private function noLogin() {
 		# Check dependencies
 		self::dependencies(isset($this->settings));
 		# Check if login credentials exist and login if they don't
 		if ($this->settings['username']===''&&$this->settings['password']==='') {
 			$_SESSION['login'] = true;
 			return true;
 		}
 		return false;
 	}
 	public function logout() {
 		# Call plugins
--- a/src/package.json
+++ b/src/package.json
@ -1,6 +1,6 @@
 {
  "name": "Lychee",
-  "version": "2.7.0",
+  "version": "2.7.1",
  "description": "Self-hosted photo-management done right.",
  "authors": "Tobias Reich <tobias.reich.ich@gmail.com>",
  "license": "MIT",
--- a/src/scripts/lychee.js
+++ b/src/scripts/lychee.js
@ -6,8 +6,8 @@
 lychee = {
 	title:			'',
-	version:		'2.7.0',
+	version:		'2.7.1',
-	version_code:	'020700',
+	version_code:	'020701',
 	api_path:		'php/api.php',
 	update_path:	'http://lychee.electerious.com/version/index.php',
--- a/src/scripts/photo.js
+++ b/src/scripts/photo.js
@ -566,7 +566,7 @@ photo.getSize = function() {
 	// Detect if the photo will be shown scaled,
 	// because the screen size is smaller than the photo
 	if (photo.json.width>view.width||
-		photo.json.width>view.height) scaled = true;
+		photo.json.height>view.height) scaled = true;
 	// Calculate pixel ratio of screen
 	if (pixelRatio!==undefined&&pixelRatio>1) {