diff --git a/docs/Changelog.md b/docs/Changelog.md index 77457ae..940790f 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -1,3 +1,15 @@ +## v2.7.1 + +Released January 26, 2015 + +- `Improved` auto-login after first installation +- `Fixed` Disabled import of the medium-folder +- `Fixed` error when using apostrophes in text #290 +- `Fixed` $medium is now a tinyint like defined in the database structure +- `Fixed` incorrect height calculation for photos +- `Fixed` creation of test db #295 +- `Fixed` a warning caused by set_charset #291 + ## v2.7 Released December 6, 2014 diff --git a/php/access/Installation.php b/php/access/Installation.php index 6049c42..9d10d9c 100644 --- a/php/access/Installation.php +++ b/php/access/Installation.php @@ -17,8 +17,8 @@ class Installation extends Access { case 'dbCreateConfig': $this->dbCreateConfig(); break; # Error - default: exit('Warning: No configuration!'); - return false; break; + default: exit('Warning: No configuration!'); + return false; break; } diff --git a/php/api.php b/php/api.php index 0c129d8..fa79b4a 100755 --- a/php/api.php +++ b/php/api.php 
@@ -54,18 +54,18 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) { $plugins = new Plugins($plugins, $database, $settings); # Escape - foreach(array_keys($_POST) as $key) $_POST[$key] = mysqli_real_escape_string($database, urldecode($_POST[$key])); - foreach(array_keys($_GET) as $key) $_GET[$key] = mysqli_real_escape_string($database, urldecode($_GET[$key])); + foreach(array_keys($_POST) as $key) $_POST[$key] = urldecode($_POST[$key]); + foreach(array_keys($_GET) as $key) $_GET[$key] = urldecode($_GET[$key]); # Validate parameters if (isset($_POST['albumIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['albumIDs'])!==1) exit('Error: Wrong parameter type for albumIDs!'); if (isset($_POST['photoIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['photoIDs'])!==1) exit('Error: Wrong parameter type for photoIDs!'); - if (isset($_POST['albumID'])&&preg_match('/^[0-9sfr]{1,}$/', $_POST['albumID'])!==1) exit('Error: Wrong parameter type for albumID!'); + if (isset($_POST['albumID'])&&preg_match('/^[0-9sfr]{1,}$/', $_POST['albumID'])!==1) exit('Error: Wrong parameter type for albumID!'); if (isset($_POST['photoID'])&&preg_match('/^[0-9]{14}$/', $_POST['photoID'])!==1) exit('Error: Wrong parameter type for photoID!'); # Function for switch statement - if (isset($_POST['function'])) $fn = $_POST['function']; - else $fn = $_GET['function']; + if (isset($_POST['function'])) $fn = $_POST['function']; + else $fn = $_GET['function']; if (isset($_SESSION['login'])&&$_SESSION['login']==true) { diff --git a/php/modules/Database.php b/php/modules/Database.php index c7ae0b1..430ebda 100755 --- a/php/modules/Database.php +++ b/php/modules/Database.php 
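Review bot: With `mysqli_real_escape_string` removed from the two `foreach` lines, the only request-level checks left are the four `preg_match` guards, and those read `$_POST` alone, so every other field and all of `$_GET` now reach the modules unescaped. That is safe only if every query built from request data goes through `Database::prepare`, which this hunk does not show, so each module should be confirmed before release. The remaining `urldecode()` decodes values PHP has already decoded once, which alters a literal `%` or `+` in a title, and an array-valued parameter is handed to `urldecode()` as an array. Consider `if (!is_string($_POST[$key])) exit('Error: Wrong parameter type!');` ahead of the decode, and the same for `$_GET`. The enclosing `if` block starts and ends outside the hunk.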
@@ -20,8 +20,8 @@ class Database extends Module { if ($database->connect_errno) exit('Error: ' . $database->connect_error); # Avoid sql injection on older MySQL versions by using GBK - if ($database->server_version<50500) $database->set_charset('GBK'); - else $database->set_charset('utf8'); + if ($database->server_version<50500) @$database->set_charset('GBK'); + else @$database->set_charset('utf8'); # Set unicode $database->query('SET NAMES utf8;'); @@ -84,10 +84,9 @@ class Database extends Module { if (!$database->select_db($name)) { # Database doesn't exist - # Check if user can create a database - $result = $database->query('CREATE DATABASE lychee_dbcheck'); - if (!$result) return 'Warning: Creation failed!'; - else $database->query('DROP DATABASE lychee_dbcheck'); + # Check if user can create the database + $result = Database::createDatabase($database, $name); + if ($result===false) return 'Warning: Creation failed!'; } @@ -131,8 +130,8 @@ if(!defined('LYCHEE')) exit('Error: Direct access is not allowed!'); Module::dependencies(isset($database, $name)); # Create database - $result = $database->query("CREATE DATABASE IF NOT EXISTS $name;"); - $database->select_db($name); + $query = Database::prepare($database, 'CREATE DATABASE IF NOT EXISTS ?', array($name)); + $result = $database->query($query); if (!$database->select_db($name)||!$result) return false; return true; diff --git a/php/modules/Import.php b/php/modules/Import.php index a38e23a..c8313bb 100644 --- a/php/modules/Import.php +++ b/php/modules/Import.php 
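Review bot: The `@` added in front of both `set_charset()` calls hides a failure that the comment above them treats as security-relevant, because string escaping depends on the connection charset being the one set here. Check the return value instead of suppressing the warning, e.g. `if (!$database->set_charset('utf8')) exit('Error: Could not set charset!');`, or at least log it. The `SET NAMES utf8` that follows changes the server-side charset without informing the client library, so on the `GBK` branch the two can disagree; that line is context and predates this commit. The enclosing function starts outside the hunk.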
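Review bot: In the third hunk, `CREATE DATABASE IF NOT EXISTS ?` binds `$name` in an identifier position, and a value-style placeholder does not make an identifier safe. `Database::prepare` is not shown here, but if it substitutes an escaped or quoted string, the statement either fails or leaves the name unquoted. Validate the name against an allowlist before building the query, for example `if (preg_match('/^[A-Za-z0-9_]+$/', $name)!==1) return false;`, and wrap it in backticks in the SQL. The second hunk now calls `Database::createDatabase` as its permission check, so it inherits the same behaviour. The function's signature is outside the hunk.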
@@ -57,62 +57,7 @@ class Import extends Module { } - /*static function move($database, $path) { - - # Determine OS type and set move cmd (Windows untested!) - $myos = substr(PHP_OS,0,3); - $myos = strtoupper($myos); - - if ($myos==='WIN') $osmv = 'MOVE'; - else $osmv = 'mv'; - - # Generate tmp dir name by hashing epoch time & random number - $tmpdirname = md5(time() . rand()); - - # Make temporary directory - if (@mkdir(LYCHEE_DATA . $tmpdirname)===false) { - Log::error($database, __METHOD__, __LINE__, 'Failed to create temporary directory'); - return false; - } - - # Get list of files and move them to tmpdir - $files = glob($path . '*'); - if (isset($files)) { - - foreach ($files as $file) { - - # Prevent unsupported files from being moved - if (is_dir($file)===false&&@exif_imagetype($file)===false) continue; - - $out = ''; - $ret = ''; - $file = escapeshellarg($file); - $cmd = $osmv . " $file " . LYCHEE_DATA . $tmpdirname; - - @exec($cmd, $out, $ret); - - if (isset($ret)&&($ret>0)) Log::error($database, __METHOD__, __LINE__, "Failed to move directory or file ($ret):" . $file); - - } - - } - - # If no files could be copied to the temp dir, remove - $files = glob(LYCHEE_DATA . $tmpdirname . '/*'); - if (count($files)===0) { - rmdir(LYCHEE_DATA . $tmpdirname); - Log::error($database, __METHOD__, __LINE__, 'Import failed, because files could not be temporary moved to ' . LYCHEE_DATA); - return false; - } - - # Set new path - $path = LYCHEE_DATA . $tmpdirname; - - return $path; - - }*/ - - static function server($albumID = 0, $path, $useTemp = false) { + static function server($albumID = 0, $path) { global $database, $plugins, $settings; 
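Review bot: The new signature `static function server($albumID = 0, $path)` keeps a default on `$albumID` although the required `$path` follows it, so the default can never be used and PHP 8 reports this form as deprecated. Either drop the default, `static function server($albumID, $path)`, or reorder the parameters in a follow-up that updates every caller. Callers outside this diff that still pass a third argument keep working because extra arguments are ignored, but they should be cleaned up. The method body continues outside the hunk.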
@@ -126,19 +71,13 @@ class Import extends Module { } # Skip folders of Lychee - if ($path===LYCHEE_UPLOADS_BIG||($path . '/')===LYCHEE_UPLOADS_BIG||$path===LYCHEE_UPLOADS_THUMB||($path . '/')===LYCHEE_UPLOADS_THUMB) { - Log::error($database, __METHOD__, __LINE__, 'Given path is a reserved path of Lychee (' . $path . ')'); - return 'Error: Given path is a reserved path of Lychee!'; + if ($path===LYCHEE_UPLOADS_BIG||($path . '/')===LYCHEE_UPLOADS_BIG|| + $path===LYCHEE_UPLOADS_MEDIUM||($path . '/')===LYCHEE_UPLOADS_MEDIUM|| + $path===LYCHEE_UPLOADS_THUMB||($path . '/')===LYCHEE_UPLOADS_THUMB) { + Log::error($database, __METHOD__, __LINE__, 'The given path is a reserved path of Lychee (' . $path . ')'); + return 'Error: Given path is a reserved path of Lychee!'; } - /*if ($useTemp===true) { - $path = Import::move($database, $path); - if ($path===false) { - Log::error($database, __METHOD__, __LINE__, 'Failed to move import to temporary directory'); - return false; - } - }*/ - $error = false; $contains['photos'] = false; $contains['albums'] = false; @@ -182,7 +121,7 @@ class Import extends Module { continue; } - $import = Import::server($newAlbumID, $file . '/', false); + $import = Import::server($newAlbumID, $file . '/'); if ($import!==true&&$import!=='Notice: Import only contains albums!') { $error = true; @@ -194,11 +133,6 @@ class Import extends Module { } - # Delete tmpdir if import was successful - /*if ($error===false&&$useTemp===true&&file_exists(LYCHEE_DATA . $tmpdirname)) { - if (@rmdir(LYCHEE_DATA . $tmpdirname)===false) Log::error($database, __METHOD__, __LINE__, 'Could not delete temp-folder (' . LYCHEE_DATA . $tmpdirname . ') after successful import'); - }*/ - if ($contains['photos']===false&&$contains['albums']===false) return 'Warning: Folder empty or no readable files to process!'; if ($contains['photos']===false&&$contains['albums']===true) return 'Notice: Import only contains albums!'; return true; 
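Review bot: The reserved-path guard in the first hunk here compares `$path` to the `LYCHEE_UPLOADS_*` constants as raw strings, so it matches only the exact spelling with or without one trailing slash. A non-canonical spelling of the same directory, or a subdirectory of an upload folder, is not recognised as reserved. Canonicalise both sides before comparing, e.g. `$real = realpath($path);` checked against `realpath(LYCHEE_UPLOADS_MEDIUM)` with a prefix test, and treat a `false` result from `realpath` as an error. The enclosing method starts and ends outside the hunk.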
diff --git a/php/modules/Photo.php b/php/modules/Photo.php index 3a54bdf..1dfdab4 100755 --- a/php/modules/Photo.php +++ b/php/modules/Photo.php @@ -123,7 +123,7 @@ class Photo extends Module { $photo_name = $exists['photo_name']; $path = $exists['path']; $path_thumb = $exists['path_thumb']; - $medium = ($exists['medium']==='1' ? true : false); + $medium = ($exists['medium']==='1' ? 1 : 0); $exists = true; } @@ -174,8 +174,8 @@ class Photo extends Module { } # Create Medium - if ($this->createMedium($path, $photo_name, $info['width'], $info['height'])) $medium = true; - else $medium = false; + if ($this->createMedium($path, $photo_name, $info['width'], $info['height'])) $medium = 1; + else $medium = 0; # Set thumb url $path_thumb = md5($id) . '.jpeg'; diff --git a/php/modules/Session.php b/php/modules/Session.php index 70054d0..0f3f9b1 100755 --- a/php/modules/Session.php +++ b/php/modules/Session.php @@ -44,9 +44,13 @@ class Session extends Module { # Path to Lychee for the server-import dialog $return['config']['location'] = LYCHEE; - # No login - if ($this->settings['username']===''&&$this->settings['password']==='') $return['config']['login'] = false; - else $return['config']['login'] = true; + # Check if login credentials exist and login if they don't + if ($this->noLogin()===true) { + $public = false; + $return['config']['login'] = false; + } else { + $return['config']['login'] = true; + } if ($public===false) { @@ -109,6 +113,21 @@ class Session extends Module { } + private function noLogin() { + + # Check dependencies + self::dependencies(isset($this->settings)); + + # Check if login credentials exist and login if they don't + if ($this->settings['username']===''&&$this->settings['password']==='') { + $_SESSION['login'] = true; + return true; + } + + return false; + + } + public function logout() { # Call plugins diff --git a/src/scripts/photo.js b/src/scripts/photo.js index 53b1c57..4c9e605 100644 --- a/src/scripts/photo.js +++ b/src/scripts/photo.js 
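Review bot: In Session.php, `noLogin()` reads like a predicate but sets `$_SESSION['login'] = true` for whoever calls `init` while username and password are both empty strings, so during that window every visitor receives an authenticated session. Nothing visible here ends those sessions once credentials are set, and `api.php` only tests `$_SESSION['login']==true`, so a session created before setup would presumably stay logged in afterwards. Consider invalidating existing sessions when credentials are first saved, calling `session_regenerate_id(true);` before setting the flag, and giving the method a name and comment that state the side effect. In the first Session hunk, `$public = false;` silently overrides the caller's argument and deserves a comment as well.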
@@ -640,7 +640,7 @@ photo.getSize = function() { // Detect if the photo will be shown scaled, // because the screen size is smaller than the photo if (photo.json.width>view.width|| - photo.json.width>view.height) scaled = true; + photo.json.height>view.height) scaled = true; // Calculate pixel ratio of screen if (pixelRatio!==undefined&&pixelRatio>1) {