From 3bf1af44bdf33a9b6e1eca3e5ac781f081ec5485 Mon Sep 17 00:00:00 2001
From: "green-ponies (jgen)" <jgen.tech@gmail.com>
Date: Sun, 12 Feb 2012 14:40:38 -0500
Subject: [PATCH 1/6] Better spacing on the ASCII art.

---
 README.txt | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/README.txt b/README.txt
index 622d90a9..c83ec7dc 100644
--- a/README.txt
+++ b/README.txt
@@ -1,10 +1,13 @@
 
-          _________.__    .__                .__       ________  
-         /   _____/|  |__ |__| _____   _____ |__| ____ \_____  \ 
-         \_____  \ |  |  \|  |/     \ /     \|  |/ __ \ /  ____/ 
-         /        \|   Y  \  |  Y Y  \  Y Y  \  \  ___//       \ 
-        /_______  /|___|  /__|__|_|  /__|_|  /__|\___  >_______ \
-                \/      \/         \/      \/        \/        \/
+	  _________.__     .__                   .__         ________   
+	 /   _____/|  |__  |__|  _____    _____  |__|  ____  \_____  \  
+	 \_____  \ |  |  \ |  | /     \  /     \ |  |_/ __ \  /  ____/  
+	 /        \|   Y  \|  ||  Y Y  \|  Y Y  \|  |\  ___/ /       \  
+	/_______  /|___|  /|__||__|_|  /|__|_|  /|__| \___  >\_______ \ 
+			\/      \/           \/       \/          \/         \/ 
+                                                                
+__________________________________________________________________________
+
 
 Shimmie Alpha
 ~~~~~~~~~~~~~

From edf5059ef4aff8fe5e7fd826f125a9863faf5b7a Mon Sep 17 00:00:00 2001
From: "green-ponies (jgen)" <jgen.tech@gmail.com>
Date: Sun, 12 Feb 2012 14:42:37 -0500
Subject: [PATCH 2/6] Silly tabs.

---
 README.txt | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.txt b/README.txt
index c83ec7dc..ea3be20e 100644
--- a/README.txt
+++ b/README.txt
@@ -1,12 +1,12 @@
 
-	  _________.__     .__                   .__         ________   
-	 /   _____/|  |__  |__|  _____    _____  |__|  ____  \_____  \  
-	 \_____  \ |  |  \ |  | /     \  /     \ |  |_/ __ \  /  ____/  
-	 /        \|   Y  \|  ||  Y Y  \|  Y Y  \|  |\  ___/ /       \  
-	/_______  /|___|  /|__||__|_|  /|__|_|  /|__| \___  >\_______ \ 
-			\/      \/           \/       \/          \/         \/ 
+     _________.__     .__                   .__         ________   
+    /   _____/|  |__  |__|  _____    _____  |__|  ____  \_____  \  
+    \_____  \ |  |  \ |  | /     \  /     \ |  |_/ __ \  /  ____/  
+    /        \|   Y  \|  ||  Y Y  \|  Y Y  \|  |\  ___/ /       \  
+   /_______  /|___|  /|__||__|_|  /|__|_|  /|__| \___  >\_______ \ 
+           \/      \/           \/       \/          \/         \/ 
                                                                 
-__________________________________________________________________________
+_________________________________________________________________________
 
 
 Shimmie Alpha

From f1367ecf6edd4ee177c522aa0603e28352621c94 Mon Sep 17 00:00:00 2001
From: "green-ponies (jgen)" <jgen.tech@gmail.com>
Date: Sun, 12 Feb 2012 14:56:21 -0500
Subject: [PATCH 3/6] Added some more comments / documentation.

---
 README.txt                  | 11 ++++++++++-
 core/default_config.inc.php | 13 +++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/README.txt b/README.txt
index ea3be20e..b419b692 100644
--- a/README.txt
+++ b/README.txt
@@ -61,6 +61,15 @@ database and file formats haven't changed *completely*, it's different
 enough to be a pain.
 
 
+Custom Configuration
+~~~~~~~~~~~~~~~~~~~~
+
+Various aspects of Shimmie can be configured to suit your site specific
+needs via the file "config.php" (created after installation).
+Take a look at "core/default_config.inc.php" for the available options
+that can used.
+
+
 Development Info
 ~~~~~~~~~~~~~~~~
 http://shimmie.shishnet.org/doc/
@@ -73,7 +82,7 @@ Contact
 ~~~~~~~
 #shimmie on Freenode -- IRC
 webmaster at shishnet.org -- email
-https://github.com/shish/shimmie2 -- bug tracker
+https://github.com/shish/shimmie2/issues -- bug tracker
 
 
 Licence
diff --git a/core/default_config.inc.php b/core/default_config.inc.php
index 2f3003ca..c6a44b57 100644
--- a/core/default_config.inc.php
+++ b/core/default_config.inc.php
@@ -1,4 +1,16 @@
 <?php
+/**
+ * These are the default configuration options for Shimmie.
+ *
+ * All of these can be over-ridden by placing a 'define' in config.php
+ *
+ * Do NOT change them in this file. These are the defaults only!
+ *
+ * Example:
+ *  define("SPEED_HAX", true);
+ *
+ */
+
 // to change these system-level settings, do define("FOO", 123); in config.php
 function _d($name, $value) {if(!defined($name)) define($name, $value);}
 _d("DATABASE_DSN", null);    // string   PDO database connection details
@@ -18,4 +30,5 @@ _d("WH_SPLITS", 1);          // int      how many levels of subfolders to put in
 _d("VERSION", 'trunk');      // string   shimmie version
 _d("SCORE_VERSION", 's2hack/'.VERSION); // string SCore version
 _d("TIMEZONE", null);        // string   timezone
+
 ?>

From 6a061c83d0af87aa1c8e5301e9e204649fb755ec Mon Sep 17 00:00:00 2001
From: "green-ponies (jgen)" <jgen.tech@gmail.com>
Date: Sun, 12 Feb 2012 19:45:37 -0500
Subject: [PATCH 4/6] Changed how the resize extension calculates required
 memory usage.

---
 contrib/resize/main.php | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/contrib/resize/main.php b/contrib/resize/main.php
index 51b1bf24..bb5b423b 100644
--- a/contrib/resize/main.php
+++ b/contrib/resize/main.php
@@ -172,8 +172,19 @@ class ResizeImage extends Extension {
 			throw new ImageResizeException("The image size does not match what is in the database! - Aborting Resize.");
 		}
 		
-		/* Check memory usage limits */
-		$memory_use = (filesize($image_filename)*2) + ($width*$height*4) + (4*1024*1024);
+		/*
+			Check Memory usage limits
+		
+			Old check:   $memory_use = (filesize($image_filename)*2) + ($width*$height*4) + (4*1024*1024);
+			New check:    memory_use = width * height * (bits per channel) * channels * 2.5
+			
+			It didn't make sense to compute the memory usage based on the NEW size for the image. ($width*$height*4)
+			We need to consider the size that we are GOING TO instead.
+			
+			The factor of 2.5 is simply a rough guideline.
+			http://stackoverflow.com/questions/527532/reasonable-php-memory-limit-for-image-resize
+		*/
+		$memory_use = ($info[0] * $info[1] * ($info['bits'] / 8) * $info['channels'] * 2.5) / 1024;
 		$memory_limit = get_memory_limit();
 		
 		if ($memory_use > $memory_limit) {
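Review bot: The new `$memory_use` is divided by 1024 and is therefore in kilobytes, while `get_memory_limit()` in `core/util.inc.php` returns bytes (its default is `8*1024*1024`), so `$memory_use > $memory_limit` under-counts by a factor of 1024 and lets through images far larger than the limit allows. Drop the `/ 1024` so both sides are in bytes. `$info` is defined outside this hunk; if it comes from `getimagesize()`, `bits` and `channels` are not set for every image type, and a missing key turns the whole estimate into 0, so give them defaults first, e.g. `$channels = isset($info['channels']) ? $info['channels'] : 4;`. The comment block should also say which dimensions `$info[0]` and `$info[1]` hold, because its wording about the "NEW size" and the size "we are GOING TO" reads as a contradiction.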
@@ -191,7 +202,7 @@ class ResizeImage extends Extension {
 			else                    $factor = min( $width / $image_obj->width, $height / $image_obj->height );
 
 			$new_width  = round( $image_obj->width * $factor );
-			$new_height = round( $image_obj->height * $factor );			
+			$new_height = round( $image_obj->height * $factor );
 		}
 		
 		/* Attempt to load the image */

From f345fde0060cde16b99323984fc1fad963a910ee Mon Sep 17 00:00:00 2001
From: "green-ponies (jgen)" <jgen.tech@gmail.com>
Date: Sun, 12 Feb 2012 19:48:07 -0500
Subject: [PATCH 5/6] Fixing function to get PHP's memory limit.

---
 core/util.inc.php | 46 +++++++++++++++++++++++++++++++++++-----------
 1 file changed, 35 insertions(+), 11 deletions(-)

diff --git a/core/util.inc.php b/core/util.inc.php
index 04fb2b65..158d1f2e 100644
--- a/core/util.inc.php
+++ b/core/util.inc.php
@@ -547,24 +547,48 @@ function get_memory_limit() {
 	global $config;
 
 	// thumbnail generation requires lots of memory
-	$default_limit = 8*1024*1024;
+	$default_limit = 8*1024*1024;	// 8 MB of memory is PHP's default.
 	$shimmie_limit = parse_shorthand_int($config->get_int("thumb_mem_limit"));
+	
 	if($shimmie_limit < 3*1024*1024) {
 		// we aren't going to fit, override
 		$shimmie_limit = $default_limit;
 	}
-
-	ini_set("memory_limit", $shimmie_limit);
+	
+	/*
+	Get PHP's configured memory limit.
+	Note that this is set to -1 for NO memory limit.
+	
+	http://ca2.php.net/manual/en/ini.core.php#ini.memory-limit
+	*/
 	$memory = parse_shorthand_int(ini_get("memory_limit"));
-
-	// changing of memory limit is disabled / failed
-	if($memory == -1) {
-		$memory = $default_limit;
+	
+	if ($memory == -1) {
+		// No memory limit.
+		
+		// Return the larger of the set limits.
+		if ($shimmie_limit > $default_limit) {
+			return $shimmie_limit;
+		} else {
+			return $default_limit; // return the default memory limit
+		}
+	} else {
+		// PHP has a memory limit set.
+		
+		if ($shimmie_limit > $memory) {
+			// Shimmie wants more memory than what PHP is currently set for.
+			
+			// Attempt to set PHP's memory limit.
+			if ( ini_set("memory_limit", $shimmie_limit) === FALSE ) {
+				/*  We can't change PHP's limit, oh well, return whatever its currently set to */
+				return $memory;
+			}
+			$memory = parse_shorthand_int(ini_get("memory_limit"));
+		}
+		
+		// PHP's memory limit is more than Shimmie needs.
+		return $memory; // return the current setting
 	}
-
-	assert($memory > 0);
-
-	return $memory;
 }
 
 /**
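Review bot: `$memory == -1` is now read as "PHP has no limit", whereas the removed comment treated the same value as "changing of memory limit is disabled / failed". If `parse_shorthand_int()` (not visible here) also returns -1 for a string it cannot parse, an unparsable `memory_limit` would be reported as Shimmie's own figure even though PHP enforces something else. Testing the raw setting before parsing, `if (ini_get("memory_limit") === "-1")`, removes that ambiguity, and the no-limit branch can then be `return max($shimmie_limit, $default_limit);`. The closing comment "PHP's memory limit is more than Shimmie needs" is also reached right after the limit was raised, and with `assert($memory > 0)` gone the re-read value is returned unchecked. The signature sits above the hunk; a docblock there should state that the result is in bytes, since callers compare against it.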

From 519e46578d4479ef2034937a60ded65698249170 Mon Sep 17 00:00:00 2001
From: Shish <shish@shishnet.org>
Date: Mon, 13 Feb 2012 20:51:34 +0000
Subject: [PATCH 6/6] more notation for which strings are HTML safe and which
 aren't

---
 ext/alias_editor/theme.php | 19 +++++++------------
 ext/comment/theme.php      | 15 +++++++--------
 ext/ext_manager/theme.php  | 17 ++++++++---------
 ext/handle_pixel/theme.php |  4 ++--
 ext/image/theme.php        |  9 +++------
 ext/setup/theme.php        | 23 +++++++++--------------
 ext/tag_edit/theme.php     |  6 +++---
 ext/tag_list/theme.php     |  9 +++++----
 ext/upload/_style.css      | 14 --------------
 ext/upload/style.css       | 14 ++++++++++++++
 ext/upload/theme.php       |  2 --
 ext/user/theme.php         | 10 +++++-----
 ext/view/theme.php         |  6 +++---
 13 files changed, 66 insertions(+), 82 deletions(-)
 delete mode 100644 ext/upload/_style.css

diff --git a/ext/alias_editor/theme.php b/ext/alias_editor/theme.php
index 7b6bfb49..dfb24f44 100644
--- a/ext/alias_editor/theme.php
+++ b/ext/alias_editor/theme.php
@@ -12,8 +12,8 @@ class AliasEditorTheme extends Themelet {
 
 		$can_manage = $user->can("manage_alias_list");
 		if($can_manage) {
-			$action = "<th width='10%'>Action</th>";
-			$add = "
+			$h_action = "<th width='10%'>Action</th>";
+			$h_add = "
 				<tr>
 					".make_form(make_link("alias/add"))."
 						<td><input type='text' name='oldtag'></td>
@@ -24,8 +24,8 @@ class AliasEditorTheme extends Themelet {
 			";
 		}
 		else {
-			$action = "";
-			$add = "";
+			$h_action = "";
+			$h_add = "";
 		}
 
 		$h_aliases = "";
@@ -49,15 +49,10 @@ class AliasEditorTheme extends Themelet {
 			$h_aliases .= "</tr>";
 		}
 		$html = "
-			<script type='text/javascript'>
-			$(document).ready(function() {
-				$(\"#aliases\").tablesorter();
-			});
-			</script>
-			<table id='aliases' class='zebra'>
-				<thead><tr><th>From</th><th>To</th>$action</tr></thead>
+			<table id='aliases' class='sortable zebra'>
+				<thead><tr><th>From</th><th>To</th>$h_action</tr></thead>
 				<tbody>$h_aliases</tbody>
-				<tfoot>$add</tfoot>
+				<tfoot>$h_add</tfoot>
 			</table>
 			<p><a href='".make_link("alias/export/aliases.csv")."'>Download as CSV</a></p>
 		";
diff --git a/ext/comment/theme.php b/ext/comment/theme.php
index acdabed2..0da3f240 100644
--- a/ext/comment/theme.php
+++ b/ext/comment/theme.php
@@ -167,7 +167,6 @@ class CommentListTheme extends Themelet {
 
 		if($i_uid == $config->get_int("anon_id")) {
 			$anoncode = "";
-			$style = "";
 			$anoncode2 = "";
 			if($this->show_anon_id) {
 				$anoncode = '<sup>'.$this->anon_id.'</sup>';
@@ -181,7 +180,7 @@ class CommentListTheme extends Themelet {
 					}
 				}
 			}
-			$h_userlink = "<span class='username'$style>" . $h_name . $anoncode . $anoncode2 . "</span>";
+			$h_userlink = "<span class='username'>" . $h_name . $anoncode . $anoncode2 . "</span>";
 			$this->anon_id++;
 		}
 		else {
@@ -197,10 +196,10 @@ class CommentListTheme extends Themelet {
 			';
 		}
 		else {
-			$avatar = "";
+			$h_avatar = "";
 			if(!empty($comment->owner_email)) {
 				$hash = md5(strtolower($comment->owner_email));
-				$avatar = "<img src=\"http://www.gravatar.com/avatar/$hash.jpg\"><br>";
+				$h_avatar = "<img src=\"http://www.gravatar.com/avatar/$hash.jpg\"><br>";
 			}
 			$h_reply = " - <a href='javascript: replyTo($i_image_id, $i_comment_id)'>Reply</a>";
 			$h_ip = $user->can("view_ip") ? "<br>".show_ip($comment->poster_ip, "Comment posted {$comment->posted}") : "";
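Review bot: `$h_avatar` loads the Gravatar image from a hard-coded `http://` URL, so on an HTTPS site the page has mixed content and the MD5 of the commenter's e-mail address is sent in clear text. A protocol-relative `//www.gravatar.com/avatar/$hash.jpg` or an explicit `https://` URL avoids both. Gravatar also expects the address to be trimmed before hashing, `md5(strtolower(trim($comment->owner_email)))`. The enclosing method starts and ends outside this hunk.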
@@ -211,7 +210,7 @@ class CommentListTheme extends Themelet {
 				<a name="'.$i_comment_id.'"></a>
 				<div class="comment">
 					<div class="info">
-					'.$avatar.'
+					'.$h_avatar.'
 					'.$h_timestamp.$h_reply.$h_ip.$h_del.'
 					</div>
 					'.$h_userlink.': '.$h_comment.'
@@ -221,19 +220,19 @@ class CommentListTheme extends Themelet {
 		return "";
 	}
 
-	protected function build_postbox($image_id) {
+	protected function build_postbox(/*int*/ $image_id) {
 		global $config;
 
 		$i_image_id = int_escape($image_id);
 		$hash = CommentList::get_hash();
-		$captcha = $config->get_bool("comment_captcha") ? captcha_get_html() : "";
+		$h_captcha = $config->get_bool("comment_captcha") ? captcha_get_html() : "";
 
 		return '
 			'.make_form(make_link("comment/add")).'
 				<input type="hidden" name="image_id" value="'.$i_image_id.'" />
 				<input type="hidden" name="hash" value="'.$hash.'" />
 				<textarea id="comment_on_'.$i_image_id.'" name="comment" rows="5" cols="50"></textarea>
-				'.$captcha.'
+				'.$h_captcha.'
 				<br><input type="submit" value="Post Comment" />
 			</form>
 		';
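Review bot: `$hash` is written into the `value` attribute of the hidden `hash` field without escaping and without an `h_` prefix, which makes it the one variable in `build_postbox` that the new notation does not cover. If `CommentList::get_hash()` (not visible here) always returns a hex digest the output is safe, but the code should say so: either rename it to `$h_hash` with a short comment to that effect, or emit `html_escape($hash)`. The method's closing brace is outside the hunk.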
diff --git a/ext/ext_manager/theme.php b/ext/ext_manager/theme.php
index 7dd74d5c..879380cb 100644
--- a/ext/ext_manager/theme.php
+++ b/ext/ext_manager/theme.php
@@ -3,7 +3,7 @@
 class ExtManagerTheme extends Themelet {
 	public function display_table(Page $page, /*array*/ $extensions, /*bool*/ $editable) {
 		global $user;
-		$en = $editable ? "<th>Enabled</th>" : "";
+		$h_en = $editable ? "<th>Enabled</th>" : "";
 		$html = "
 			".make_form(make_link("ext_manager/set"))."
 				<script type='text/javascript'>
@@ -13,7 +13,7 @@ class ExtManagerTheme extends Themelet {
 				</script>
 				<table id='extensions' class='zebra'>
 					<thead>
-						<tr>$en<th>Name</th><th>Description</th></tr>
+						<tr>$h_en<th>Name</th><th>Description</th></tr>
 					</thead>
 					<tbody>
 		";
@@ -21,27 +21,26 @@ class ExtManagerTheme extends Themelet {
 		foreach($extensions as $extension) {
 			if(!$editable && $extension->visibility == "admin") continue;
 
-			$ext_name = $extension->ext_name;
-			$h_name = empty($extension->name) ? $ext_name : html_escape($extension->name);
+			$h_name = html_escape(empty($extension->name) ? $extension->ext_name : $extension->name);
 			$h_description = html_escape($extension->description);
 			if($extension->enabled === TRUE) $h_enabled = " checked='checked'";
 			else if($extension->enabled === FALSE) $h_enabled = "";
 			else $h_enabled = " disabled checked='checked'";
-			$h_link = make_link("ext_doc/".html_escape($extension->ext_name));
+			$h_link = make_link("ext_doc/".url_escape($extension->ext_name));
 			$oe = ($n++ % 2 == 0) ? "even" : "odd";
 
-			$en = $editable ? "<td><input type='checkbox' name='ext_$ext_name'$h_enabled></td>" : "";
+			$h_en = $editable ? "<td><input type='checkbox' name='ext_".html_escape($extension->ext_name)."'$h_enabled></td>" : "";
 			$html .= "
 				<tr class='$oe'>
-					$en
+					$h_en
 					<td><a href='$h_link'>$h_name</a></td>
 					<td style='text-align: left;'>$h_description</td>
 				</tr>";
 		}
-		$set = $editable ? "<tfoot><tr><td colspan='5'><input type='submit' value='Set Extensions'></td></tr></tfoot>" : "";
+		$h_set = $editable ? "<tfoot><tr><td colspan='5'><input type='submit' value='Set Extensions'></td></tr></tfoot>" : "";
 		$html .= "
 					</tbody>
-					$set
+					$h_set
 				</table>
 			</form>
 		";
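Review bot: `$h_link` holds `make_link("ext_doc/".url_escape(...))`, which is URL-escaped but not HTML-escaped, so it carries an `h_` name without having been through `html_escape()` before it lands in `<a href='$h_link'>`. Every attribute built here is single-quoted (`name='ext_…'`, `href='…'`), so the markup is only safe if `html_escape()` and `make_link()` (neither is visible in this diff) never leave a raw `'` in their output; it is worth confirming that `html_escape()` encodes both quote styles. The same reliance applies to `name='_config_$h_name'` and `value='$h_value'` in `ext/setup/theme.php`. Naming the link `$u_link` and writing `href='".html_escape($u_link)."'` would make the intent explicit.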
diff --git a/ext/handle_pixel/theme.php b/ext/handle_pixel/theme.php
index a90543c3..84957ac3 100644
--- a/ext/handle_pixel/theme.php
+++ b/ext/handle_pixel/theme.php
@@ -4,8 +4,8 @@ class PixelFileHandlerTheme extends Themelet {
 	public function display_image(Page $page, Image $image) {
 		global $config;
 
-		$ilink = $image->get_image_link();
-		$html = "<img id='main_image' src='$ilink'>";
+		$u_ilink = $image->get_image_link();
+		$html = "<img id='main_image' src='$u_ilink'>";
 		if($config->get_bool("image_show_meta")) {
 			# FIXME: only read from jpegs?
 			$exif = @exif_read_data($image->get_image_filename(), 0, true);
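Review bot: `$u_ilink` is named as a URL rather than as HTML-safe text, yet it is interpolated directly into `src='$u_ilink'`. If `get_image_link()` can return a URL containing `&` or `'` (for example from a configurable link template, which is not visible here), the attribute should be built with `html_escape($u_ilink)`. `display_image` continues past the end of the hunk.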
diff --git a/ext/image/theme.php b/ext/image/theme.php
index 8d0537a1..c21a7390 100644
--- a/ext/image/theme.php
+++ b/ext/image/theme.php
@@ -6,7 +6,7 @@ class ImageIOTheme {
 	 *
 	 * @param $image_id The image to delete
 	 */
-	public function get_deleter_html($image_id) {
+	public function get_deleter_html(/*int*/ $image_id) {
 		global $config;
 
 		if($config->get_bool("image_jquery_confirm")) {
@@ -33,14 +33,11 @@ class ImageIOTheme {
 	 *
 	 * @param $image_id The image to replace
 	 */
-	public function get_replace_html($image_id) {
-	
-		$html = "
-				".make_form(make_link("image_admin/replace"))."
+	public function get_replace_html(/*int*/ $image_id) {
+		$html = make_form(make_link("image_admin/replace"))."
 					<input type='hidden' name='image_id' value='$image_id' />
 					<input type='submit' value='Replace' />
 				</form>";
-		
 		return $html;
 	}
 }
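Review bot: `$image_id` is interpolated into `value='$image_id'` as-is; the `/*int*/` added to the signature is only a comment and enforces nothing, so a caller that passes a request string would put it into the page unescaped. `build_postbox` in `ext/comment/theme.php` already shows the pattern to follow: `$i_image_id = int_escape($image_id);` and then `value='$i_image_id'`. `get_deleter_html`, whose body is outside these hunks, may need the same treatment.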
diff --git a/ext/setup/theme.php b/ext/setup/theme.php
index 472a074f..609ed6b8 100644
--- a/ext/setup/theme.php
+++ b/ext/setup/theme.php
@@ -15,7 +15,6 @@ class SetupTheme extends Themelet {
 	public function display_page(Page $page, SetupPanel $panel) {
 		global $user;
 
-
 		usort($panel->blocks, "blockcmp");
 
 		/*
@@ -44,35 +43,31 @@ class SetupTheme extends Themelet {
 	public function display_advanced(Page $page, $options) {
 		global $user;
 
-		$rows = "";
+		$h_rows = "";
 		$n = 0;
 		ksort($options);
 		foreach($options as $name => $value) {
+			$h_name = html_escape($name);
 			$h_value = html_escape($value);
 			$len = strlen($h_value);
 			$oe = ($n++ % 2 == 0) ? "even" : "odd";
 
-			$box = "";
+			$h_box = "";
 			if(strpos($value, "\n") > 0) {
-				$box .= "<textarea cols='50' rows='4' name='_config_$name'>$h_value</textarea>";
+				$h_box .= "<textarea cols='50' rows='4' name='_config_$h_name'>$h_value</textarea>";
 			}
 			else {
-				$box .= "<input type='text' name='_config_$name' value='$h_value'>";
+				$h_box .= "<input type='text' name='_config_$h_name' value='$h_value'>";
 			}
-			$box .= "<input type='hidden' name='_type_$name' value='string'>";
-			$rows .= "<tr class='$oe'><td>$name</td><td>$box</td></tr>";
+			$h_box .= "<input type='hidden' name='_type_$h_name' value='string'>";
+			$h_rows .= "<tr class='$oe'><td>$h_name</td><td>$h_box</td></tr>";
 		}
 
 		$table = "
-			<script type='text/javascript'>
-			$(document).ready(function() {
-				$(\"#settings\").tablesorter();
-			});
-			</script>
 			".make_form(make_link("setup/save"))."
-				<table id='settings' class='zebra'>
+				<table id='settings' class='sortable zebra'>
 					<thead><tr><th width='25%'>Name</th><th>Value</th></tr></thead>
-					<tbody>$rows</tbody>
+					<tbody>$h_rows</tbody>
 					<tfoot><tr><td colspan='2'><input type='submit' value='Save Settings'></td></tr></tfoot>
 				</table>
 			</form>
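Review bot: `strpos($value, "\n") > 0` is false when the newline is the first character, so such a value is rendered in the single-line `<input type='text'>` instead of the `<textarea>`; use `strpos($value, "\n") !== false`. `$len` is assigned from `strlen($h_value)` and is not used anywhere in the visible part of the method, so it can be removed. The method's tail is outside the hunk.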
diff --git a/ext/tag_edit/theme.php b/ext/tag_edit/theme.php
index 7dd5e9da..419afee6 100644
--- a/ext/tag_edit/theme.php
+++ b/ext/tag_edit/theme.php
@@ -37,12 +37,12 @@ class TagEditTheme extends Themelet {
 		$h_owner = html_escape($image->get_owner()->name);
 		$h_av = $image->get_owner()->get_avatar_html();
 		$h_date = autodate($image->posted);
-		$ip = $user->can("view_ip") ? " (".show_ip($image->owner_ip, "Image posted {$image->posted}").")" : "";
+		$h_ip = $user->can("view_ip") ? " (".show_ip($image->owner_ip, "Image posted {$image->posted}").")" : "";
 		return "
 			<tr>
 				<td>Uploader</td>
 				<td>
-					<span class='view'><a class='username' href='".make_link("user/$h_owner")."'>$h_owner</a>$ip, $h_date</span>
+					<span class='view'><a class='username' href='".make_link("user/$h_owner")."'>$h_owner</a>$h_ip, $h_date</span>
 					<input class='edit' type='text' name='tag_edit__owner' value='$h_owner'>
 				</td>
 				<td width='80px' rowspan='4'>$h_av</td>
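Review bot: `make_link("user/$h_owner")` builds the profile URL from the HTML-escaped name, so an owner name containing characters such as `&`, `#`, `?` or a space produces a link to the wrong path. This commit already fixes the same pattern in `ext/user/theme.php` with `url_escape()`; do the same here with `make_link("user/".url_escape($image->get_owner()->name))`, keeping `$h_owner` for the link text and the `value` attribute. The enclosing method starts above the hunk.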
@@ -64,7 +64,7 @@ class TagEditTheme extends Themelet {
 		";
 	}
 
-	private function format_source($source) {
+	private function format_source(/*string*/ $source) {
 		if(!empty($source)) {
 			$h_source = html_escape($source);
 			if(startsWith($source, "http://") || startsWith($source, "https://")) {
diff --git a/ext/tag_list/theme.php b/ext/tag_list/theme.php
index 23065572..59f7c556 100644
--- a/ext/tag_list/theme.php
+++ b/ext/tag_list/theme.php
@@ -53,9 +53,10 @@ class TagListTheme extends Themelet {
 			}
 		}
 		
-		if($config->get_string('tag_list_image_type')=="tags"){
-			$page->add_block(new Block("Tags", $html, "left", 10));}
-		else{
+		if($config->get_string('tag_list_image_type')=="tags") {
+			$page->add_block(new Block("Tags", $html, "left", 10));
+		}
+		else {
 			$page->add_block(new Block("Related Tags", $html, "left", 10));
 		}
 	}
@@ -109,7 +110,7 @@ class TagListTheme extends Themelet {
 		global $config;
 
 		// store local copy for speed.
-		$info_link		= $config->get_string('info_link');
+		$info_link = $config->get_string('info_link');
 		
 		$html = "";
 		$n = 0;
diff --git a/ext/upload/_style.css b/ext/upload/_style.css
deleted file mode 100644
index ef8424c9..00000000
--- a/ext/upload/_style.css
+++ /dev/null
@@ -1,14 +0,0 @@
-/* Only need to change the file/url inputs */
-#large_upload_form INPUT.wid {
-	width: 100%;
-}
-#radio_button {
-	width: auto;
-}
-#wrapper {
-    opacity : 0.4;
-    filter: alpha(opacity=40); // msie
-}
-
-/* This is needed since the theme style.css forcibly sets vertical align to "top". */
-TABLE.vert TD, TABLE.vert TH {vertical-align: middle;}
diff --git a/ext/upload/style.css b/ext/upload/style.css
index 33c7f922..7102f3cc 100644
--- a/ext/upload/style.css
+++ b/ext/upload/style.css
@@ -1,3 +1,17 @@
+/* Only need to change the file/url inputs */
+#large_upload_form INPUT.wid {
+	width: 100%;
+}
+#radio_button {
+	width: auto;
+}
+#wrapper {
+    opacity : 0.4;
+    filter: alpha(opacity=40); // msie
+}
+
+/* This is needed since the theme style.css forcibly sets vertical align to "top". */
+TABLE.vert TD, TABLE.vert TH {vertical-align: middle;}
 .mini_upload INPUT {
 	width: 100%;
 }
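Review bot: These rules were previously loaded only on the upload pages through the `add_html_header()` calls that this commit removes from `ext/upload/theme.php`, and they use generic selectors: `#wrapper`, `#radio_button`, `TABLE.vert TD`. If `style.css` is served on every page (not visible here), any element with the id `wrapper` would be drawn at 40% opacity site-wide, so the selectors should be scoped to the upload markup. `// msie` is not a CSS comment; write `/* msie */` so the parser does not have to recover from it.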
diff --git a/ext/upload/theme.php b/ext/upload/theme.php
index 567938d0..8c3dca71 100644
--- a/ext/upload/theme.php
+++ b/ext/upload/theme.php
@@ -11,7 +11,6 @@ class UploadTheme extends Themelet {
 
 	public function display_page(Page $page) {
 		global $config, $page;
-		$page->add_html_header("<link rel='stylesheet' href='".get_base_href()."/ext/upload/_style.css' type='text/css'>");
 		
 		$tl_enabled = ($config->get_string("transload_engine", "none") != "none");
 		// Uploader 2.0!
@@ -157,7 +156,6 @@ class UploadTheme extends Themelet {
 	/* only allows 1 file to be uploaded - for replacing another image file */
 	public function display_replace_page(Page $page, /*int*/ $image_id) {
 		global $config, $page;
-		$page->add_html_header("<link rel='stylesheet' href='".get_base_href()."/ext/upload/_style.css' type='text/css'>");
 		$tl_enabled = ($config->get_string("transload_engine", "none") != "none");
 
 		$js2 = 'javascript:$(function() {
diff --git a/ext/user/theme.php b/ext/user/theme.php
index c8a7068e..a4639cd7 100644
--- a/ext/user/theme.php
+++ b/ext/user/theme.php
@@ -17,7 +17,7 @@ class UserPageTheme extends Themelet {
 		$html .= "<tr><td>Name</td></tr>";
 		foreach($users as $duser) {
 			$html .= "<tr>";
-			$html .= "<td><a href='".make_link("user/".$duser->name)."'>".html_escape($duser->name)."</a></td>";
+			$html .= "<td><a href='".make_link("user/".url_escape($duser->name))."'>".html_escape($duser->name)."</a></td>";
 			$html .= "</tr>";
 		}
 		$html .= "</table>";
@@ -50,7 +50,7 @@ class UserPageTheme extends Themelet {
 		if(empty($tac)) {$html = "";}
 		else {$html = '<p>'.$tac.'</p>';}
 
-		$reca = "<tr><td colspan='2'>".captcha_get_html()."</td></tr>";
+		$h_reca = "<tr><td colspan='2'>".captcha_get_html()."</td></tr>";
 
 		$html .= '
 		'.make_form(make_link("user_admin/create"))."
@@ -59,7 +59,7 @@ class UserPageTheme extends Themelet {
 				<tr><td>Password</td><td><input type='password' name='pass1'></td></tr>
 				<tr><td>Repeat Password</td><td><input type='password' name='pass2'></td></tr>
 				<tr><td>Email (Optional)</td><td><input type='text' name='email'></td></tr>
-				$reca
+				$h_reca
 				<tr><td colspan='2'><input type='Submit' value='Create Account'></td></tr>
 			</table>
 		</form>
@@ -135,8 +135,8 @@ class UserPageTheme extends Themelet {
 		assert(is_array($stats));
 		$stats[] = 'User ID: '.$duser->id;
 
-		$page->set_title($duser->name."'s Page");
-		$page->set_heading($duser->name."'s Page");
+		$page->set_title(html_escape($duser->name)."'s Page");
+		$page->set_heading(html_escape($duser->name)."'s Page");
 		$page->add_block(new NavBlock());
 		$page->add_block(new Block("Stats", join("<br>", $stats), "main", 0));
 
diff --git a/ext/view/theme.php b/ext/view/theme.php
index 7e0bd8b9..4bce845d 100644
--- a/ext/view/theme.php
+++ b/ext/view/theme.php
@@ -7,11 +7,11 @@ class ViewImageTheme extends Themelet {
 	public function display_page(Image $image, $editor_parts) {
 		global $page;
 
-		$metatags = str_replace(" ", ", ", html_escape($image->get_tag_list()));
+		$h_metatags = str_replace(" ", ", ", html_escape($image->get_tag_list()));
 
 		$page->set_title("Image {$image->id}: ".html_escape($image->get_tag_list()));
-		$page->add_html_header("<meta name=\"keywords\" content=\"$metatags\">");
-		$page->add_html_header("<meta property=\"og:title\" content=\"$metatags\">");
+		$page->add_html_header("<meta name=\"keywords\" content=\"$h_metatags\">");
+		$page->add_html_header("<meta property=\"og:title\" content=\"$h_metatags\">");
 		$page->add_html_header("<meta property=\"og:type\" content=\"article\">");
 		$page->add_html_header("<meta property=\"og:image\" content=\"".make_http($image->get_thumb_link())."\">");
 		$page->add_html_header("<meta property=\"og:url\" content=\"".make_http(make_link("post/view/{$image->id}"))."\">");
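Review bot: The `og:image` and `og:url` values come straight from `make_http(...)` and are placed in `content="…"` without `html_escape()` or a prefixed variable, unlike `$h_metatags` a few lines above. Under the notation this commit introduces they should be built as, for example, `$h_thumb = html_escape(make_http($image->get_thumb_link()));` before being interpolated. `html_escape($image->get_tag_list())` is also computed twice; compute it once and derive `$h_metatags` from it. `display_page` continues outside the hunk.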