diff options
Diffstat (limited to 'start.php')
-rw-r--r-- | start.php | 94 |
1 files changed, 1 insertions, 93 deletions
@@ -41,14 +41,9 @@ function tidypics_init() { $js = elgg_get_simplecache_url('js', 'photos/tagging'); elgg_register_simplecache_view('js/photos/tagging'); elgg_register_js('tidypics:tagging', $js, 'footer'); - $js = elgg_get_simplecache_url('js', 'photos/uploading'); - elgg_register_simplecache_view('js/photos/uploading'); - elgg_register_js('tidypics:uploading', $js, 'footer'); elgg_register_js('tidypics:slideshow', 'mod/tidypics/vendors/PicLensLite/piclens_optimized.js', 'footer'); - elgg_register_js('swfobject', 'mod/tidypics/vendors/uploadify/swfobject.js', 'footer'); - elgg_register_js('jquery.uploadify-tp', 'mod/tidypics/vendors/uploadify/jquery.uploadify.v2.1.1.min.js', 'footer'); - + // Add photos link to owner block/hover menus elgg_register_plugin_hook_handler('register', 'menu:owner_block', 'tidypics_owner_block_menu'); @@ -81,12 +76,6 @@ function tidypics_init() { register_notification_object('object', 'album', elgg_echo('tidypics:newalbum_subject')); elgg_register_plugin_hook_handler('notify:entity:message', 'object', 'tidypics_notify_message'); - // allow people in a walled garden to use flash uploader - elgg_register_plugin_hook_handler('public_pages', 'walled_garden', 'tidypics_walled_garden_override'); - - // flash session work around for uploads when use_only_cookies is set - elgg_register_plugin_hook_handler('forward', 'csrf', 'tidypics_ajax_session_handler'); - // Register actions $base_dir = elgg_get_plugins_path() . 'tidypics/actions/photos'; elgg_register_action("photos/delete", "$base_dir/delete.php"); @@ -440,87 +429,6 @@ function tidypics_notify_message($hook, $type, $result, $params) { } /** - * Allows the flash uploader actions through walled garden since - * they come without the session cookie - */ -function tidypics_walled_garden_override($hook, $type, $pages) { - $pages[] = 'action/photos/image/ajax_upload'; - $pages[] = 'action/photos/image/ajax_upload_complete'; - return $pages; -} - -/** - * Work around for Flash/session issues - * - * Catches Elgg attempting to forward the Flash uploader because it doesn't - * have a session cookie. Instead manually runs the action. - * - * @param string $hook The name of the hook - * @param string $type The type of the hook - * @param string $value Location being forwarded to - * @param array $params Parameters related to the forward() call - * @return void - */ -function tidypics_ajax_session_handler($hook, $type, $value, $params) { - $www_root = elgg_get_config('wwwroot'); - $url = $params['current_url']; - - if ($url !== "{$www_root}action/photos/image/ajax_upload") { - return; - } - - if (elgg_get_logged_in_user_guid() != 0) { - return; - } - - // action_gatekeeper rejected ajax call from Flash due to session issue - - // Validate token - $token = get_input('__elgg_token'); - $ts = get_input('__elgg_ts'); - $session_id = get_input('Elgg'); - $session_token = get_input('session_token'); - $tidypics_token = get_input('tidypics_token'); - $user_guid = get_input('user_guid'); - $user = get_user($user_guid); - $timeout = elgg_get_config('action_token_timeout'); - if (!$timeout) { - $timeout = 2; - } - - if (!$user) { - trigger_error('Tidypics warning: failed to get user in flash uploader', E_USER_WARNING); - return; - } - - if (!$token || !$ts || !$session_id || !$tidypics_token) { - trigger_error('Tidypics warning: token information missing in flash uploader', E_USER_WARNING); - return; - } - - $hour = 60*60; - $now = time(); - if ($ts < $now-$hour || $ts > $now+$hour) { - trigger_error('Tidypics warning: failed time check in flash uploader', E_USER_WARNING); - return; - } - - $generated_token = md5($session_id . get_site_secret() . $ts . $user->salt); - - if ($tidypics_token !== $generated_token) { - trigger_error('Tidypics warning: token check failed in flash uploader', E_USER_WARNING); - return; - } - - // passed token test, so login and process action - login($user); - $actions = elgg_get_config('actions'); - include $actions['photos/image/ajax_upload']['file']; - - exit; -} - -/** * Sets up submenus for tidypics most viewed pages */ function tidypics_mostviewed_submenus() { |