Merge pull request #354 from electerious/develop

v3.0.1

docs/Changelog.md

@@ -1,6 +1,15 @@
+## v3.0.1
+
+Released May 24, 2015
+
+- `New` Album Sorting (Thanks @ophian, #98)
+- `New` Identifier to prevent login of multiple instances of lychee (#344)
+- `Improved` Albums and photos now can have a title with up to 50 chars (#332)
+- `Fixed` Removing last Tag from photo not possible in Firefox (#269)
+
 ## v3.0.0
 
-Released April 6, 2015
+Released May 6, 2015
 
 **Warning**: You need to enter a new username and password when upgrading from a previous version. Your installation is accessible for everyone till you enter a new login by visiting your Lychee. Both fields are now stored in a secure way. Legacy md5 code has been removed.
 

php/access/Admin.php

@@ -279,9 +279,14 @@ private function setLogin() {
 
 	private function setSorting() {
 
-		Module::dependencies(isset($_POST['type'], $_POST['order']));
+		Module::dependencies(isset($_POST['typeAlbums'], $_POST['orderAlbums'], $_POST['typePhotos'], $_POST['orderPhotos']));
 		$this->settings = new Settings($this->database);
-		echo $this->settings->setSorting($_POST['type'], $_POST['order']);
+
+		$sA = $this->settings->setSortingAlbums($_POST['typeAlbums'], $_POST['orderAlbums']);
+		$sP = $this->settings->setSortingPhotos($_POST['typePhotos'], $_POST['orderPhotos']);
+
+		if ($sA===true&&$sP===true)	echo true;
+		else						echo false;
 
 	}
 

php/api.php

@@ -63,7 +63,8 @@
 	if (isset($_POST['function']))	$fn = $_POST['function'];
 	else							$fn = $_GET['function'];
 
-	if (isset($_SESSION['login'])&&$_SESSION['login']==true) {
+	if ((isset($_SESSION['login'])&&$_SESSION['login']===true)&&
+		(isset($_SESSION['identifier'])&&$_SESSION['identifier']===$settings['identifier'])) {
 
 		###
 		# Admin Access

php/database/albums_table.sql

@@ -4,12 +4,12 @@
 
 CREATE TABLE IF NOT EXISTS `?` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
-  `title` varchar(50) NOT NULL,
+  `title` varchar(100) NOT NULL DEFAULT '',
   `description` varchar(1000) DEFAULT '',
   `sysstamp` int(11) NOT NULL,
   `public` tinyint(1) NOT NULL DEFAULT '0',
   `visible` tinyint(1) NOT NULL DEFAULT '1',
   `downloadable` tinyint(1) NOT NULL DEFAULT '0',
-  `password` varchar(100) DEFAULT '',
+  `password` varchar(100) DEFAULT NULL,
   PRIMARY KEY (`id`)
 ) ENGINE=MyISAM DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;

php/database/photos_table.sql

@@ -4,7 +4,7 @@
 
 CREATE TABLE IF NOT EXISTS `?` (
   `id` bigint(14) NOT NULL,
-  `title` varchar(50) NOT NULL,
+  `title` varchar(100) NOT NULL,
   `description` varchar(1000) DEFAULT '',
   `url` varchar(100) NOT NULL,
   `tags` varchar(1000) NOT NULL DEFAULT '',

php/database/settings_content.sql

@@ -9,6 +9,10 @@ VALUES
   ('password',''),
   ('thumbQuality','90'),
   ('checkForUpdates','1'),
-  ('sorting','ORDER BY id DESC'),
+  ('sortingPhotos','ORDER BY id DESC'),
+  ('sortingAlbums','ORDER BY id DESC'),
+  ('medium','1'),
+  ('imagick','1'),
   ('dropboxKey',''),
+  ('identifier',''),
   ('plugins','');

php/database/update_030001.php

@@ -0,0 +1,70 @@
+<?php
+
+###
+# @name			Update to version 3.0.1
+# @copyright	2015 by Tobias Reich
+###
+
+if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
+
+# Change length of photo title
+$query	= Database::prepare($database, "ALTER TABLE `?` CHANGE `title` `title` VARCHAR( 100 ) NOT NULL DEFAULT ''", array(LYCHEE_TABLE_PHOTOS));
+$result	= $database->query($query);
+if (!$result) {
+	Log::error($database, 'update_030001', __LINE__, 'Could not update database (' . $database->error . ')');
+	return false;
+}
+
+# Change length of album title
+$query	= Database::prepare($database, "ALTER TABLE `?` CHANGE `title` `title` VARCHAR( 100 ) NOT NULL DEFAULT ''", array(LYCHEE_TABLE_ALBUMS));
+$result	= $database->query($query);
+if (!$result) {
+	Log::error($database, 'update_030001', __LINE__, 'Could not update database (' . $database->error . ')');
+	return false;
+}
+
+# Add album sorting to settings
+$query	= Database::prepare($database, "SELECT `key` FROM `?` WHERE `key` = 'sortingAlbums' LIMIT 1", array(LYCHEE_TABLE_SETTINGS));
+$result	= $database->query($query);
+if ($result->num_rows===0) {
+	$query	= Database::prepare($database, "INSERT INTO `?` (`key`, `value`) VALUES ('sortingAlbums', 'ORDER BY id DESC')", array(LYCHEE_TABLE_SETTINGS));
+	$result	= $database->query($query);
+	if (!$result) {
+		Log::error($database, 'update_030001', __LINE__, 'Could not update database (' . $database->error . ')');
+		return false;
+	}
+}
+
+# Rename sorting to sortingPhotos
+$query	= Database::prepare($database, "UPDATE ? SET `key` = 'sortingPhotos' WHERE `key` = 'sorting' LIMIT 1", array(LYCHEE_TABLE_SETTINGS));
+$result	= $database->query($query);
+if (!$result) {
+	Log::error($database, 'update_030001', __LINE__, 'Could not update database (' . $database->error . ')');
+	return false;
+}
+
+# Add identifier to settings
+$query	= Database::prepare($database, "SELECT `key` FROM `?` WHERE `key` = 'identifier' LIMIT 1", array(LYCHEE_TABLE_SETTINGS));
+$result	= $database->query($query);
+if ($result->num_rows===0) {
+	$identifier	= md5(microtime(true));
+	$query		= Database::prepare($database, "INSERT INTO `?` (`key`, `value`) VALUES ('identifier', '?')", array(LYCHEE_TABLE_SETTINGS, $identifier));
+	$result		= $database->query($query);
+	if (!$result) {
+		Log::error($database, 'update_030001', __LINE__, 'Could not update database (' . $database->error . ')');
+		return false;
+	}
+} else {
+	$identifier		= md5(microtime(true));
+	$query			= Database::prepare($database, "UPDATE `?` SET `value` = '?' WHERE `key` = 'identifier' LIMIT 1", array(LYCHEE_TABLE_SETTINGS, $identifier));
+	$result	= $database->query($query);
+	if (!$result) {
+		Log::error($database, 'update_030001', __LINE__, 'Could not reset public albums (' . $database->error . ')');
+		return false;
+	}
+}
+
+# Set version
+if (Database::setVersion($database, '030001')===false) return false;
+
+?>

php/modules/Album.php

@@ -94,27 +94,27 @@ public function get() {
 		switch ($this->albumIDs) {
 
 			case 'f':	$return['public'] = '0';
-						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE star = 1 " . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE star = 1 " . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 						break;
 
 			case 's':	$return['public'] = '0';
-						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE public = 1 " . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE public = 1 " . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 						break;
 
 			case 'r':	$return['public'] = '0';
-						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE LEFT(id, 10) >= unix_timestamp(DATE_SUB(NOW(), INTERVAL 1 DAY)) " . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE LEFT(id, 10) >= unix_timestamp(DATE_SUB(NOW(), INTERVAL 1 DAY)) " . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 						break;
 
 			case '0':	$return['public'] = '0';
-						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE album = 0 " . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+						$query = Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE album = 0 " . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 						break;
 
 			default:	$query	= Database::prepare($this->database, "SELECT * FROM ? WHERE id = '?' LIMIT 1", array(LYCHEE_TABLE_ALBUMS, $this->albumIDs));
 						$albums = $this->database->query($query);
 						$return = $albums->fetch_assoc();
 						$return['sysdate']	= date('d M. Y', $return['sysstamp']);
 						$return['password']	= ($return['password']=='' ? '0' : '1');
-						$query	= Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE album = '?' " . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS, $this->albumIDs));
+						$query	= Database::prepare($this->database, "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE album = '?' " . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS, $this->albumIDs));
 						break;
 
 		}
@@ -189,8 +189,8 @@ public function getAll($public) {
 		if ($public===false) $return['smartalbums'] = $this->getSmartInfo();
 
 		# Albums query
-		$query = Database::prepare($this->database, 'SELECT id, title, public, sysstamp, password FROM ? WHERE public = 1 AND visible <> 0', array(LYCHEE_TABLE_ALBUMS));
-		if ($public===false) $query = Database::prepare($this->database, 'SELECT id, title, public, sysstamp, password FROM ?', array(LYCHEE_TABLE_ALBUMS));
+		if ($public===false)	$query = Database::prepare($this->database, 'SELECT id, title, public, sysstamp, password FROM ? ' . $this->settings['sortingAlbums'], array(LYCHEE_TABLE_ALBUMS));
+		else					$query = Database::prepare($this->database, 'SELECT id, title, public, sysstamp, password FROM ? WHERE public = 1 AND visible <> 0 ' . $this->settings['sortingAlbums'], array(LYCHEE_TABLE_ALBUMS));
 
 		# Execute query
 		$albums = $this->database->query($query);
@@ -210,7 +210,7 @@ public function getAll($public) {
 				($public===false)) {
 
 					# Execute query
-					$query	= Database::prepare($this->database, "SELECT thumbUrl FROM ? WHERE album = '?' ORDER BY star DESC, " . substr($this->settings['sorting'], 9) . " LIMIT 3", array(LYCHEE_TABLE_PHOTOS, $album['id']));
+					$query	= Database::prepare($this->database, "SELECT thumbUrl FROM ? WHERE album = '?' ORDER BY star DESC, " . substr($this->settings['sortingPhotos'], 9) . " LIMIT 3", array(LYCHEE_TABLE_PHOTOS, $album['id']));
 					$thumbs	= $this->database->query($query);
 
 					# For each thumb
@@ -223,7 +223,7 @@ public function getAll($public) {
 			}
 
 			# Add to return
-			$return['albums'][$album['id']] = $album;
+			$return['albums'][] = $album;
 
 		}
 
@@ -254,7 +254,7 @@ private function getSmartInfo() {
 		# Unsorted
 		###
 
-		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE album = 0 ' . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE album = 0 ' . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 		$unsorted	= $this->database->query($query);
 		$i			= 0;
 
@@ -274,7 +274,7 @@ private function getSmartInfo() {
 		# Starred
 		###
 
-		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE star = 1 ' . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE star = 1 ' . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 		$starred	= $this->database->query($query);
 		$i			= 0;
 
@@ -294,7 +294,7 @@ private function getSmartInfo() {
 		# Public
 		###
 
-		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE public = 1 ' . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE public = 1 ' . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 		$public		= $this->database->query($query);
 		$i			= 0;
 
@@ -314,7 +314,7 @@ private function getSmartInfo() {
 		# Recent
 		###
 
-		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE LEFT(id, 10) >= unix_timestamp(DATE_SUB(NOW(), INTERVAL 1 DAY)) ' . $this->settings['sorting'], array(LYCHEE_TABLE_PHOTOS));
+		$query		= Database::prepare($this->database, 'SELECT thumbUrl FROM ? WHERE LEFT(id, 10) >= unix_timestamp(DATE_SUB(NOW(), INTERVAL 1 DAY)) ' . $this->settings['sortingPhotos'], array(LYCHEE_TABLE_PHOTOS));
 		$recent		= $this->database->query($query);
 		$i			= 0;
 
@@ -484,7 +484,7 @@ public function setTitle($title = 'Untitled') {
 		$this->plugins(__METHOD__, 0, func_get_args());
 
 		# Parse
-		if (strlen($title)>50) $title = substr($title, 0, 50);
+		if (strlen($title)>100) $title = substr($title, 0, 100);
 
 		# Execute query
 		$query	= Database::prepare($this->database, "UPDATE ? SET title = '?' WHERE id IN (?)", array(LYCHEE_TABLE_ALBUMS, $title, $this->albumIDs));

php/modules/Database.php

@@ -55,7 +55,8 @@ static function update($database, $dbName, $version = 0) {
 			'020601', #2.6.1
 			'020602', #2.6.2
 			'020700', #2.7.0
-			'030000' #3.0.0
+			'030000', #3.0.0
+			'030001' #3.0.1
 		);
 
 		# For each update

php/modules/Photo.php

@@ -842,7 +842,7 @@ public function setTitle($title) {
 		$this->plugins(__METHOD__, 0, func_get_args());
 
 		# Parse
-		if (strlen($title)>50) $title = substr($title, 0, 50);
+		if (strlen($title)>100) $title = substr($title, 0, 100);
 
 		# Set title
 		$query	= Database::prepare($this->database, "UPDATE ? SET title = '?' WHERE id IN (?)", array(LYCHEE_TABLE_PHOTOS, $title, $this->photoIDs));

php/modules/Session.php

@@ -44,6 +44,9 @@ public function init($database, $dbName, $public, $version) {
 		unset($return['config']['username']);
 		unset($return['config']['password']);
 
+		# Remove identifier from response
+		unset($return['config']['identifier']);
+
 		# Path to Lychee for the server-import dialog
 		$return['config']['location'] = LYCHEE;
 
@@ -67,10 +70,13 @@ public function init($database, $dbName, $public, $version) {
 
 			# Unset unused vars
 			unset($return['config']['thumbQuality']);
-			unset($return['config']['sorting']);
+			unset($return['config']['sortingAlbums']);
+			unset($return['config']['sortingPhotos']);
 			unset($return['config']['dropboxKey']);
 			unset($return['config']['login']);
 			unset($return['config']['location']);
+			unset($return['config']['imagick']);
+			unset($return['config']['medium']);
 			unset($return['config']['plugins']);
 
 		}
@@ -96,15 +102,13 @@ public function login($username, $password) {
 		# Check login with crypted hash
 		if ($this->settings['username']===$username&&
 			$this->settings['password']===$password) {
-				$_SESSION['login'] = true;
+				$_SESSION['login']		= true;
+				$_SESSION['identifier']	= $this->settings['identifier'];
 				return true;
 		}
 
 		# No login
-		if ($this->noLogin()===true) {
-			$_SESSION['login'] = true;
-			return true;
-		}
+		if ($this->noLogin()===true) return true;
 
 		# Call plugins
 		$this->plugins(__METHOD__, 1, func_get_args());
@@ -121,7 +125,8 @@ private function noLogin() {
 		# Check if login credentials exist and login if they don't
 		if ($this->settings['username']===''&&
 			$this->settings['password']==='') {
-				$_SESSION['login'] = true;
+				$_SESSION['login']		= true;
+				$_SESSION['identifier']	= $this->settings['identifier'];
 				return true;
 		}
 
@@ -134,6 +139,9 @@ public function logout() {
 		# Call plugins
 		$this->plugins(__METHOD__, 0, func_get_args());
 
+		$_SESSION['login']		= null;
+		$_SESSION['identifier']	= null;
+
 		session_destroy();
 
 		# Call plugins