Changes in [1223:e0bd53d02a6f:1224:0767b7ca66b0]

Files:

• .hgsubstate (modified) (1 diff)
• .hgtags (modified) (1 diff)
• CHANGELOG (modified) (1 diff)
• admin/js/jsUpload/jquery.fileupload-ui.js (modified) (3 diffs)
• admin/post.php (modified) (1 diff)
• admin/style/jsUpload/style.css (modified) (1 diff)
• inc/core/class.dc.media.php (modified) (1 diff)
• inc/core/class.dc.modules.php (modified) (1 diff)
• inc/dbschema/upgrade.php (modified) (1 diff)
• inc/prepend.php (modified) (1 diff)
• inc/swf/swfupload.swf (deleted)
• locales/en/help/media.html (modified) (1 diff)
• locales/fr/help/core_media.html (modified) (1 diff)
• locales/fr/main.po (modified) (1 diff)
• locales/fr/plugins.po (modified) (2 diffs)
• plugins/antispam/_admin.php (modified) (1 diff)
• plugins/antispam/index.php (modified) (1 diff)
• plugins/attachments/_public.php (modified) (12 diffs)
• plugins/pages/page.php (modified) (1 diff)

.hgsubstate

@@ -1 @@
-2508420429de7efd362a9b8302420f5eaa602587 inc/libs/clearbricks
+ff969f43ffc6d1a03258e32e8abb1812cddbd450 inc/libs/clearbricks

.hgtags

@@ -12 +12 @@
 6fce226121140735a51a8f447c80f1dacd2974ea 2.4.4
 514d5121a12586b7ff320924d44028b677a01020 2.4.4
+baf879af43beea9764d920c2facd7226e90c5cf3 2.5.1

CHANGELOG

@@ +1 @@
+Dotclear 2.5.1 - 2013-07-20
+===========================================================
+* Security fix: Replacement of swfupload.swf by a jQuery plugin
+* Security enhancement: Strenghened lists display
+* Thumbnails quality improved
+* Minor enhancements
+* Various bug fixes
+* Various cosmetic adjustments
+
 Dotclear 2.5.0 - 2013-03-12
 ===========================================================

admin/js/jsUpload/jquery.fileupload-ui.js

@@ -104 +104 @@
                     );
                 });
+
+            /*
+             *  
+             *  Activation du bouton si un fichier trouvé
+             */
+                var fileUploadButtonBar = that.element.find('.fileupload-buttonbar');
+                fileUploadButtonBar.find('.start').prop('disabled', false);
+                fileUploadButtonBar.find('.start').removeClass('disabled');
+             /*
+             *
+             */
             },
             // Callback for the start of each file upload request:
@@ -129 +140 @@
             // Callback for successful uploads:
             done: function (e, data) {
+
                 var that = $(this).data('blueimp-fileupload') ||
                         $(this).data('fileupload'),
@@ -300 +312 @@
                     }
                 );
+            /*
+             *  Recherche des fichers restants à uploader
+             *  Désactivation du bouton si plus rien
+             */
+             var filesList = that.options.filesContainer;
+             if(filesList.find('.start').size() == 0) {
+                var fileUploadButtonBar = that.element.find('.fileupload-buttonbar');
+                fileUploadButtonBar.find('.start').prop('disabled', true);
+                fileUploadButtonBar.find('.start').addClass('disabled');
+             }
+            /*
+             *
+             */
             },
             processstart: function () {

admin/post.php

@@ -420 +420 @@
           '/'.$post->post_url);
           echo '<a id="post-preview" href="'.$preview_url.'" class="button" accesskey="p">'.__('Preview').' (p)'.'</a> ';
-     }
+     } else {
+          echo
+          '<a id="post-cancel" href="index.php" class="button" accesskey="c">'.__('Cancel').' (c)</a>';
+     }
+
      echo
      ($can_delete ? '<input type="submit" class="delete" value="'.__('Delete').'" name="delete" />' : '').

admin/style/jsUpload/style.css

@@ -28 +28 @@
 }
 
-.enhanced_uploader .add, .enhanced_uploader .clean, .enhanced_uploader .cancel {
+.enhanced_uploader .add, .enhanced_uploader .clean, .enhanced_uploader .cancel, .enhanced_uploader .disabled {
      text-shadow: none;
      color: #000;
      background: #F5F5F5;
+     background: -webkit-gradient(linear, left top, left bottom, from(#DFDFDF), to(#F5F5F5));
      background: -moz-linear-gradient(center top , #F5F5F5, #DFDFDF) repeat scroll 0 0 transparent;
      border: 1px solid #CCCCCC;
 }
 
-.enhanced_uploader .button.add:hover, .enhanced_uploader .button.clean:hover, .enhanced_uploader .button.cancel:hover {
+.enhanced_uploader .button.add:hover, .enhanced_uploader .button.clean:hover, .enhanced_uploader .button.cancel:hover, .enhanced_uploader .disabled:hover {
      background: #DFDFDF;
      background: -webkit-gradient(linear, left top, left bottom, from(#DFDFDF), to(#F5F5F5));
      background: -moz-linear-gradient(center top , #DFDFDF, #F5F5F5) repeat scroll 0 0 transparent;
+     border: 1px solid #CCCCCC;
+}
+
+.enhanced_uploader .disabled, .enhanced_uploader .disabled:hover {
+     color: #666;
+     background: #DFDFDF;
      border: 1px solid #CCCCCC;
 }

inc/core/class.dc.media.php

@@ -515 +515 @@
                $f = $this->fileRecord($rs);
                if ($f !== null) {
-                    $res[] = $f;
+                    $res[] = new ArrayObject($f);
                }
           }

inc/core/class.dc.modules.php

@@ -85 +85 @@
                while (($entry = $d->read()) !== false)
                {
-                    $full_entry = $root.'/'.$entry;
+                    $full_entry = $root.$entry;
                     
                     if ($entry != '.' && $entry != '..' && is_dir($full_entry)

inc/dbschema/upgrade.php

@@ -335 +335 @@
                     }
                }
+
+               if (version_compare($version, '2.5.1', '<='))
+               {
+                    // Flash enhanced upload no longer needed
+                    @unlink(DC_ROOT.'/'.'inc/swf/swfupload.swf');
+               }
                
                $core->setVersion('core',DC_VERSION);

inc/prepend.php

@@ -123 +123 @@
 # Constants
 define('DC_ROOT',path::real(dirname(__FILE__).'/..'));
-define('DC_VERSION','2.5.1-dev');
+define('DC_VERSION','2.5.1');
 define('DC_DIGESTS',dirname(__FILE__).'/digests');
 define('DC_L10N_ROOT',dirname(__FILE__).'/../locales');

locales/en/help/media.html

@@ -31 +31 @@
   <dd>Check this if you want the file to be private, i.e. accessible only by
   its owner and not accessible from the blog.</dd>
+</dl>
+
+<dl>
+  <dt>Enhanced uploader</dt>
+  <dd>Allows to select one or several of your local files to send them on your 
+  blog. Should any file be bigger than the maximum size, it will not be sent.</dd>
 </dl>
 

locales/fr/help/core_media.html

@@ -31 +31 @@
   <dd>Indique que le fichier envoyé n'est visible que par son propriétaire tant
   qu'il n'est pas publié sur le blog.</dd>
+</dl>
+
+<dl>
+  <dt>Interface avancée</dt>
+  <dd>Permet de choisir plusieurs fichiers à la fois sur son disque dur pour les envoyer sur le
+  blog. Si un des fichiers dépasse la taille maximale, il ne pourra être envoyé.</dd>
 </dl>
 

locales/fr/main.po

@@ -1411 +1411 @@
 
 msgid "Extract"
-msgstr "Extrait"
+msgstr "Extraire"
 
 msgid "Change media properties"

locales/fr/plugins.po

@@ -1896 +1896 @@
 msgstr "Liste des derniers commentaires postés"
 
+msgid "You can modify this duration in the %s"
+msgstr "Vous pouvez modifier cette durée dans les %s"
+
 #~ msgid "Export a blog"
 #~ msgstr "Exporter un blog"
@@ -1910 +1913 @@
 #~ msgid "The backup file does not appear to be well formed."
 #~ msgstr "Le fichier de sauvegarde semble mal formaté."
-
-msgid "You can modify this duration in the %s"
-msgstr "Vous pouvez modifier cette durée dans les %s"

plugins/antispam/_admin.php

@@ -59 +59 @@
           if ($ttl != null && $ttl >=0) {
                echo '<p>'.sprintf(__('All spam comments older than %s day(s) will be automatically deleted.'), $ttl).' '.
-               sprintf(__('You can modify this duration in the %s'),'<a href="blog_pref.php"> '.__('Blog preferences').'</a>').
+               sprintf(__('You can modify this duration in the %s'),'<a href="blog_pref.php#antispam_moderation_ttl"> '.__('Blog preferences').'</a>').
                '</p>';
           }

plugins/antispam/index.php

@@ -162 +162 @@
      if ($moderationTTL != null && $moderationTTL >=0) {
           echo '<p>'.sprintf(__('All spam comments older than %s day(s) will be automatically deleted.'), $moderationTTL).' '.
-          sprintf(__('You can modify this duration in the %s'),'<a href="blog_pref.php"> '.__('Blog preferences').'</a>').
+          sprintf(__('You can modify this duration in the %s'),'<a href="blog_pref.php#antispam_moderation_ttl"> '.__('Blog preferences').'</a>').
                '</p>';
      }

plugins/attachments/_public.php

@@ -40 +40 @@
           "<?php\n".
           'if ($_ctx->posts !== null && $core->media) {'."\n".
-               '$_ctx->attachments = new ArrayObject($core->media->getPostMedia($_ctx->posts->post_id));'."\n".
+          '$_ctx->attachments = staticRecord::newFromArray($core->media->getPostMedia($_ctx->posts->post_id));'."\n".
           "?>\n".
           
-          '<?php foreach ($_ctx->attachments as $attach_i => $attach_f) : '.
-          '$GLOBALS[\'attach_i\'] = $attach_i; $GLOBALS[\'attach_f\'] = $attach_f;'.
-          '$_ctx->file_url = $attach_f->file_url; ?>'.
+          '<?php $attach_i = 0; ?>'. // LEGACY
+          '<?php while ($_ctx->attachments->fetch()) : ?>'.
+          
+          '<?php $GLOBALS[\'attach_i\'] = $attach_i; $attach_f = $_ctx->attachments->row(); $GLOBALS[\'attach_f\'] = $attach_f;'. // LEGACY
+          '$_ctx->file_url = $attach_f->file_url; ?>'. // LEGACY
           $content.
-          '<?php endforeach; $_ctx->attachments = null; unset($attach_i,$attach_f,$_ctx->file_url); ?>'.
+          '<?php $attach_i++; ?>'. // LEGACY
+          '<?php endwhile; '.
+          '$_ctx->attachments = null; ?>'.
           
           "<?php } ?>\n";
@@ -60 +64 @@
      {
           return
-          "<?php if (\$attach_i == 0) : ?>".
+          "<?php if (\$_ctx->attachments->isStart()) : ?>".
           $content.
           "<?php endif; ?>";
@@ -71 +75 @@
      {
           return
-          "<?php if (\$attach_i+1 == count(\$_ctx->attachments)) : ?>".
+          "<?php if (\$_ctx->attachments->isEnd()) : ?>".
           $content.
           "<?php endif; ?>";
@@ -93 +97 @@
           if (isset($attr['is_image'])) {
                $sign = (boolean) $attr['is_image'] ? '' : '!';
-               $if[] = $sign.'$attach_f->media_image';
+               $if[] = $sign.'$_ctx->attachments->media_image';
           }
           
           if (isset($attr['has_thumb'])) {
                $sign = (boolean) $attr['has_thumb'] ? '' : '!';
-               $if[] = $sign.'isset($attach_f->media_thumb[\'sq\'])';
+               $if[] = $sign.'isset($_ctx->attachments->media_thumb[\'sq\'])';
           }
           
           if (isset($attr['is_mp3'])) {
                $sign = (boolean) $attr['is_mp3'] ? '==' : '!=';
-               $if[] = '$attach_f->type '.$sign.' "audio/mpeg3"';
+               $if[] = '$_ctx->attachments->type '.$sign.' "audio/mpeg3"';
           }
           
@@ -109 +113 @@
                $sign = (boolean) $attr['is_flv'] ? '' : '!';
                $if[] = $sign.
-                    '($attach_f->type == "video/x-flv" || '.
-                    '$attach_f->type == "video/mp4" || '.
-                    '$attach_f->type == "video/x-m4v")';
+                    '($_ctx->attachments->type == "video/x-flv" || '.
+                    '$_ctx->attachments->type == "video/mp4" || '.
+                    '$_ctx->attachments->type == "video/x-m4v")';
           }
           
@@ -127 +131 @@
      {
           $f = $GLOBALS['core']->tpl->getFilters($attr);
-          return '<?php echo '.sprintf($f,'$attach_f->type').'; ?>';
+          return '<?php echo '.sprintf($f,'$_ctx->attachments->type').'; ?>';
      }
      
@@ -136 +140 @@
      {
           $f = $GLOBALS['core']->tpl->getFilters($attr);
-          return '<?php echo '.sprintf($f,'$attach_f->media_type').'; ?>';
+          return '<?php echo '.sprintf($f,'$_ctx->attachments->media_type').'; ?>';
      }
      
@@ -145 +149 @@
      {
           $f = $GLOBALS['core']->tpl->getFilters($attr);
-          return '<?php echo '.sprintf($f,'$attach_f->basename').'; ?>';
+          return '<?php echo '.sprintf($f,'$_ctx->attachments->basename').'; ?>';
      }
      
@@ -158 +162 @@
           $f = $GLOBALS['core']->tpl->getFilters($attr);
           if (!empty($attr['full'])) {
-               return '<?php echo '.sprintf($f,'$attach_f->size').'; ?>';
-          }
-          return '<?php echo '.sprintf($f,'files::size($attach_f->size)').'; ?>';
+               return '<?php echo '.sprintf($f,'$_ctx->attachments->size').'; ?>';
+          }
+          return '<?php echo '.sprintf($f,'files::size($_ctx->attachments->size)').'; ?>';
      }
      
@@ -169 +173 @@
      {
           $f = $GLOBALS['core']->tpl->getFilters($attr);
-          return '<?php echo '.sprintf($f,'$attach_f->media_title').'; ?>';
+          return '<?php echo '.sprintf($f,'$_ctx->attachments->media_title').'; ?>';
      }
      
@@ -180 +184 @@
           return
           '<?php '.
-          'if (isset($attach_f->media_thumb[\'sq\'])) {'.
-               'echo '.sprintf($f,'$attach_f->media_thumb[\'sq\']').';'.
+          'if (isset($_ctx->attachments->media_thumb[\'sq\'])) {'.
+               'echo '.sprintf($f,'$_ctx->attachments->media_thumb[\'sq\']').';'.
           '}'.
           '?>';
@@ -192 +196 @@
      {
           $f = $GLOBALS['core']->tpl->getFilters($attr);
-          return '<?php echo '.sprintf($f,'$attach_f->file_url').'; ?>';
+          return '<?php echo '.sprintf($f,'$_ctx->attachments->file_url').'; ?>';
      }
      

plugins/pages/page.php

@@ -432 +432 @@
           '/'.$post->post_url);
           echo '<a id="post-preview" href="'.$preview_url.'" class="button" accesskey="p">'.__('Preview').' (p)'.'</a>';
-     }
-     
+     } else {
+          echo
+          '<a id="post-cancel" href="index.php" class="button" accesskey="c">'.__('Cancel').' (c)</a>';
+     }
+
      echo
      ($can_delete ? '<input type="submit" class="delete" value="'.__('Delete').'" name="delete" />' : '').