Merge branch 'master' into v3.0.0

Conflicts:
	dist/main.js
	dist/view.js
	src/package.json
	src/scripts/lychee.js

docs/Changelog.md

@@ -1,3 +1,15 @@
+## v2.7.1
+
+Released January 26, 2015
+
+- `Improved` auto-login after first installation
+- `Fixed` Disabled import of the medium-folder
+- `Fixed` error when using apostrophes in text #290
+- `Fixed` $medium is now a tinyint like defined in the database structure
+- `Fixed` incorrect height calculation for photos
+- `Fixed` creation of test db #295
+- `Fixed` a warning caused by set_charset #291
+
 ## v2.7
 
 Released December 6, 2014

php/access/Installation.php

@@ -17,8 +17,8 @@ class Installation extends Access {
 			case 'dbCreateConfig':	$this->dbCreateConfig(); break;
 
 			# Error
-			default:					exit('Warning: No configuration!');
-										return false; break;
+			default:				exit('Warning: No configuration!');
+									return false; break;
 
 		}
 

php/api.php

@@ -54,18 +54,18 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
 	$plugins = new Plugins($plugins, $database, $settings);
 
 	# Escape
-	foreach(array_keys($_POST) as $key)	$_POST[$key] = mysqli_real_escape_string($database, urldecode($_POST[$key]));
-	foreach(array_keys($_GET) as $key)	$_GET[$key] = mysqli_real_escape_string($database, urldecode($_GET[$key]));
+	foreach(array_keys($_POST) as $key)	$_POST[$key] = urldecode($_POST[$key]);
+	foreach(array_keys($_GET) as $key)	$_GET[$key] = urldecode($_GET[$key]);
 
 	# Validate parameters
 	if (isset($_POST['albumIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['albumIDs'])!==1)	exit('Error: Wrong parameter type for albumIDs!');
 	if (isset($_POST['photoIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['photoIDs'])!==1)	exit('Error: Wrong parameter type for photoIDs!');
-	if (isset($_POST['albumID'])&&preg_match('/^[0-9sfr]{1,}$/', $_POST['albumID'])!==1)		exit('Error: Wrong parameter type for albumID!');
+	if (isset($_POST['albumID'])&&preg_match('/^[0-9sfr]{1,}$/', $_POST['albumID'])!==1)	exit('Error: Wrong parameter type for albumID!');
 	if (isset($_POST['photoID'])&&preg_match('/^[0-9]{14}$/', $_POST['photoID'])!==1)		exit('Error: Wrong parameter type for photoID!');
 
 	# Function for switch statement
-	if (isset($_POST['function'])) $fn = $_POST['function'];
-	else $fn = $_GET['function'];
+	if (isset($_POST['function']))	$fn = $_POST['function'];
+	else							$fn = $_GET['function'];
 
 	if (isset($_SESSION['login'])&&$_SESSION['login']==true) {
 

php/modules/Database.php

@@ -20,8 +20,8 @@ class Database extends Module {
 		if ($database->connect_errno) exit('Error: ' . $database->connect_error);
 
 		# Avoid sql injection on older MySQL versions by using GBK
-		if ($database->server_version<50500) $database->set_charset('GBK');
-		else $database->set_charset('utf8');
+		if ($database->server_version<50500) @$database->set_charset('GBK');
+		else @$database->set_charset('utf8');
 
 		# Set unicode
 		$database->query('SET NAMES utf8;');
@@ -84,10 +84,9 @@ class Database extends Module {
 		if (!$database->select_db($name)) {
 
 			# Database doesn't exist
-			# Check if user can create a database
-			$result = $database->query('CREATE DATABASE lychee_dbcheck');
-			if (!$result) return 'Warning: Creation failed!';
-			else $database->query('DROP DATABASE lychee_dbcheck');
+			# Check if user can create the database
+			$result = Database::createDatabase($database, $name);
+			if ($result===false) return 'Warning: Creation failed!';
 
 		}
 
@@ -131,8 +130,8 @@ if(!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
 		Module::dependencies(isset($database, $name));
 
 		# Create database
-		$result = $database->query("CREATE DATABASE IF NOT EXISTS $name;");
-		$database->select_db($name);
+		$query	= Database::prepare($database, 'CREATE DATABASE IF NOT EXISTS ?', array($name));
+		$result = $database->query($query);
 
 		if (!$database->select_db($name)||!$result) return false;
 		return true;

php/modules/Import.php

@@ -57,62 +57,7 @@ class Import extends Module {
 
 	}
 
-	/*static function move($database, $path) {
-
-		# Determine OS type and set move cmd (Windows untested!)
-		$myos = substr(PHP_OS,0,3);
-		$myos = strtoupper($myos);
-
-		if ($myos==='WIN') $osmv = 'MOVE';
-		else $osmv = 'mv';
-
-		# Generate tmp dir name by hashing epoch time & random number
-		$tmpdirname = md5(time() . rand());
-
-		# Make temporary directory
-		if (@mkdir(LYCHEE_DATA . $tmpdirname)===false) {
-			Log::error($database, __METHOD__, __LINE__, 'Failed to create temporary directory');
-			return false;
-		}
-
-		# Get list of files and move them to tmpdir
-		$files = glob($path . '*');
-		if (isset($files)) {
-
-			foreach ($files as $file) {
-
-				# Prevent unsupported files from being moved
-				if (is_dir($file)===false&&@exif_imagetype($file)===false) continue;
-
-				$out = '';
-				$ret = '';
-				$file = escapeshellarg($file);
-				$cmd = $osmv . " $file " . LYCHEE_DATA . $tmpdirname;
-
-				@exec($cmd, $out, $ret);
-
-				if (isset($ret)&&($ret>0)) Log::error($database, __METHOD__, __LINE__, "Failed to move directory or file ($ret):" . $file);
-
-			}
-
-		}
-
-		# If no files could be copied to the temp dir, remove
-		$files = glob(LYCHEE_DATA . $tmpdirname . '/*');
-		if (count($files)===0) {
-			rmdir(LYCHEE_DATA . $tmpdirname);
-			Log::error($database, __METHOD__, __LINE__, 'Import failed, because files could not be temporary moved to ' . LYCHEE_DATA);
-			return false;
-		}
-
-		# Set new path
-		$path = LYCHEE_DATA . $tmpdirname;
-
-		return $path;
-
-	}*/
-
-	static function server($albumID = 0, $path, $useTemp = false) {
+	static function server($albumID = 0, $path) {
 
 		global $database, $plugins, $settings;
 
@@ -126,19 +71,13 @@ class Import extends Module {
 		}
 
 		# Skip folders of Lychee
-		if ($path===LYCHEE_UPLOADS_BIG||($path . '/')===LYCHEE_UPLOADS_BIG||$path===LYCHEE_UPLOADS_THUMB||($path . '/')===LYCHEE_UPLOADS_THUMB) {
-			Log::error($database, __METHOD__, __LINE__, 'Given path is a reserved path of Lychee (' . $path . ')');
-			return 'Error: Given path is a reserved path of Lychee!';
+		if ($path===LYCHEE_UPLOADS_BIG||($path . '/')===LYCHEE_UPLOADS_BIG||
+			$path===LYCHEE_UPLOADS_MEDIUM||($path . '/')===LYCHEE_UPLOADS_MEDIUM||
+			$path===LYCHEE_UPLOADS_THUMB||($path . '/')===LYCHEE_UPLOADS_THUMB) {
+				Log::error($database, __METHOD__, __LINE__, 'The given path is a reserved path of Lychee (' . $path . ')');
+				return 'Error: Given path is a reserved path of Lychee!';
 		}
 
-		/*if ($useTemp===true) {
-			$path = Import::move($database, $path);
-			if ($path===false) {
-				Log::error($database, __METHOD__, __LINE__, 'Failed to move import to temporary directory');
-				return false;
-			}
-		}*/
-
 		$error				= false;
 		$contains['photos']	= false;
 		$contains['albums']	= false;
@@ -182,7 +121,7 @@ class Import extends Module {
 					continue;
 				}
 
-				$import = Import::server($newAlbumID, $file . '/', false);
+				$import = Import::server($newAlbumID, $file . '/');
 
 				if ($import!==true&&$import!=='Notice: Import only contains albums!') {
 					$error = true;
@@ -194,11 +133,6 @@ class Import extends Module {
 
 		}
 
-		# Delete tmpdir if import was successful
-		/*if ($error===false&&$useTemp===true&&file_exists(LYCHEE_DATA . $tmpdirname)) {
-			if (@rmdir(LYCHEE_DATA . $tmpdirname)===false) Log::error($database, __METHOD__, __LINE__, 'Could not delete temp-folder (' . LYCHEE_DATA . $tmpdirname . ') after successful import');
-		}*/
-
 		if ($contains['photos']===false&&$contains['albums']===false)	return 'Warning: Folder empty or no readable files to process!';
 		if ($contains['photos']===false&&$contains['albums']===true)	return 'Notice: Import only contains albums!';
 		return true;

php/modules/Photo.php

@@ -123,7 +123,7 @@ class Photo extends Module {
 					$photo_name	= $exists['photo_name'];
 					$path		= $exists['path'];
 					$path_thumb	= $exists['path_thumb'];
-					$medium		= ($exists['medium']==='1' ? true : false);
+					$medium		= ($exists['medium']==='1' ? 1 : 0);
 					$exists		= true;
 				}
 
@@ -174,8 +174,8 @@ class Photo extends Module {
 				}
 
 				# Create Medium
-				if ($this->createMedium($path, $photo_name, $info['width'], $info['height'])) $medium = true;
-				else $medium = false;
+				if ($this->createMedium($path, $photo_name, $info['width'], $info['height'])) $medium = 1;
+				else $medium = 0;
 
 				# Set thumb url
 				$path_thumb = md5($id) . '.jpeg';

php/modules/Session.php

@@ -44,9 +44,13 @@ class Session extends Module {
 		# Path to Lychee for the server-import dialog
 		$return['config']['location'] = LYCHEE;
 
-		# No login
-		if ($this->settings['username']===''&&$this->settings['password']==='') $return['config']['login'] = false;
-		else $return['config']['login'] = true;
+		# Check if login credentials exist and login if they don't
+		if ($this->noLogin()===true) {
+			$public = false;
+			$return['config']['login'] = false;
+		} else {
+			$return['config']['login'] = true;
+		}
 
 		if ($public===false) {
 
@@ -109,6 +113,21 @@ class Session extends Module {
 
 	}
 
+	private function noLogin() {
+
+		# Check dependencies
+		self::dependencies(isset($this->settings));
+
+		# Check if login credentials exist and login if they don't
+		if ($this->settings['username']===''&&$this->settings['password']==='') {
+			$_SESSION['login'] = true;
+			return true;
+		}
+
+		return false;
+
+	}
+
 	public function logout() {
 
 		# Call plugins

src/scripts/photo.js

@@ -640,7 +640,7 @@ photo.getSize = function() {
 	// Detect if the photo will be shown scaled,
 	// because the screen size is smaller than the photo
 	if (photo.json.width>view.width||
-		photo.json.width>view.height) scaled = true;
+		photo.json.height>view.height) scaled = true;
 
 	// Calculate pixel ratio of screen
 	if (pixelRatio!==undefined&&pixelRatio>1) {