Skip to content

Commit

Permalink
Merge branch 'release-1.0b2'
Browse files Browse the repository at this point in the history 
* release-1.0b2:
  [#654 state:resolved] Synched Melody with changes from Movable Type 4.35. See http://www.movabletype.org/2010/12/movable_type_504_and_435_security_update.html
  • Loading branch information
@jayallen
jayallen committed Dec 8, 2010
2 parents 8a52069 + d3bd01b commit 69137c8
Show file tree
Hide file tree
Showing 9 changed files with 73 additions and 45 deletions.
8 changes: 4 additions & 4 deletions build/mt-dists/default.mk
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
PRODUCT_NAME = Melody
PRODUCT_VERSION = 0.9.30
VERSION_ID = 1.0.0b2 (build 30)
PRODUCT_VERSION = 0.9.31
VERSION_ID = 1.0.0b2 (build 31)
SCHEMA_VERSION = 4.0077
# Corresponds to MT 4.34 (plus Melody enhancements)
API_VERSION = 4.34
# Corresponds to MT 4.35 (plus Melody enhancements)
API_VERSION = 4.35
BUILD_LANGUAGE = en_US
VERSION_SUFFIX =
PORTAL_URL = http://openmelody.org/
Expand Down
6 changes: 3 additions & 3 deletions lib/MT.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,17 +43,17 @@ BEGIN {
# different version and their uses and the version module POD
# for details about the next line and its semantics:
# http://search.cpan.org/~jpeacock/version-0.85/lib/version.pod
use version 0.77; our $VERSION = version->declare("v0.9.30");
use version 0.77; our $VERSION = version->declare("v0.9.31");

# MakeMaker stops at the line above, so NOW, we swap the $VERSION
# to $PRODUCT_VERSION and assign $VERSION

$PRODUCT_VERSION = $VERSION; # The rightful resting place
$VERSION = '4.34'; # The true API version
$VERSION = '4.35'; # The true API version
$SCHEMA_VERSION = '4.0077';
$PRODUCT_NAME = 'Melody';
$PRODUCT_CODE = 'OM';
$VERSION_ID = '1.0.0b2 (build 30)';
$VERSION_ID = '1.0.0b2 (build 31)';
$PORTAL_URL = 'http://openmelody.org';
} ## end if ( '__MAKE_ME__' eq ...)
else {
Expand Down
30 changes: 18 additions & 12 deletions lib/MT/App/Search.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -703,13 +703,13 @@ sub prepare_context {
|| $q->param('archive_type') =~ /Monthly/i
|| $q->param('archive_type') =~ /Yearly/i )
);
if ( $q->param('author') ) {
require MT::Author;
my $author = MT::Author->load( $q->param('author') );
$ctx->stash( 'author', $author );
$ctx->var( 'author_archive', 1 );
if ($app->param('author') && $app->param('author') =~ /^[0-9]*$/) {
if ( my $author = MT::Author->load($app->param('author')) ) {
$ctx->stash('author', $author);
$ctx->var('author_archive', 1);
}
}
if ( $q->param('category') ) {
if ($app->param('category') && $app->param('category') =~ /^[0-9]*$/) {
require MT::Category;
my $category = MT::Category->load( $q->param('category') );
$ctx->stash( 'category', $category );
Expand Down Expand Up @@ -1055,16 +1055,19 @@ sub _join_category {
if ( 'PHRASE' eq $term->{query} ) {
$query =~ s/'/"/g;
}

my $can_search_by_id = $query =~ /^[0-9]*$/ ? 1 : 0;
my $lucene_struct = Lucene::QueryParser::parse_query($query);
if ( 'PROHIBITED' eq $term->{type} ) {
$_->{type} = 'PROHIBITED' foreach @$lucene_struct;
}

# search for exact match
my ($terms)
= $app->_query_parse_core( $lucene_struct, { id => 1, label => 1 },
{} );
= $app->_query_parse_core( $lucene_struct, {
( $can_search_by_id ? ( id => 1 ) : () ),
label => 1
},
{} );
return unless $terms && @$terms;
push @$terms, '-and',
{ id => \'= placement_category_id', blog_id => \'= entry_blog_id', };
Expand Down Expand Up @@ -1094,14 +1097,17 @@ sub _join_author {
if ( 'PHRASE' eq $term->{query} ) {
$query =~ s/'/"/g;
}

my $can_search_by_id = $query =~ /^[0-9]*$/ ? 1 : 0;
my $lucene_struct = Lucene::QueryParser::parse_query($query);
if ( 'PROHIBITED' eq $term->{type} ) {
$_->{type} = 'PROHIBITED' foreach @$lucene_struct;
}
my ($terms)
= $app->_query_parse_core( $lucene_struct,
{ id => 1, nickname => 'like' }, {} );
= $app->_query_parse_core( $lucene_struct, {
( $can_search_by_id ? ( id => 1 ) : () ),
nickname => 'like',
},
{} );
return unless $terms && @$terms;
push @$terms, '-and', { id => \'= entry_author_id', };
require MT::Author;
Expand Down
5 changes: 4 additions & 1 deletion lib/MT/CMS/Tools.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,9 @@ sub start_recover {
$param ||= {};
$param->{'email'} = $q->param('email');
$param->{'return_to'} = $q->param('return_to') || $cfg->ReturnToURL || '';
if ( $param->{recovered} ) {
$param->{return_to} = MT::Util::encode_js($param->{return_to});
}
$param->{'can_signin'} = ( ref $app eq 'MT::App::CMS' ) ? 1 : 0;
$app->add_breadcrumb( $app->translate('Password Recovery') );

Expand Down Expand Up @@ -332,7 +335,7 @@ sub new_password {
}
$app->make_commenter_session($user);
if ($redirect) {
return $app->redirect($redirect);
return $app->redirect(MT::Util::encode_html($redirect));
}
else {
return $app->redirect_to_edit_profile();
Expand Down
4 changes: 2 additions & 2 deletions lib/MT/Template/Context/Search.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -398,10 +398,10 @@ sub context_script {
$link .= "&type=$type";
}
if ( my $include_blogs = $ctx->stash('include_blogs') ) {
$link .= "&IncludeBlogs=$include_blogs";
$link .= "&IncludeBlogs=" . encode_url($include_blogs);
}
elsif ( my $blog_id = $ctx->stash('blog_id') ) {
$link .= "&blog_id=$blog_id";
$link .= "&blog_id=" . encode_url($blog_id);
}
if ( my $format = $ctx->stash('format') ) {
$link .= '&format=' . encode_url($format);
Expand Down
29 changes: 16 additions & 13 deletions lib/MT/Template/ContextHandlers.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9989,6 +9989,8 @@ sub _hdlr_entry_flag {
my $flag = lc $args->{flag}
or return $ctx->error(
MT->translate('You used <$MTEntryFlag$> without a flag.') );
$e->has_column($flag)
or return $ctx->error(MT->translate("You have an error in your '[_2]' attribute: [_1]", $flag, 'flag'));
my $v = $e->$flag();
## The logic here: when we added the convert_breaks flag, we wanted it
## to default to checked, because we added it in 2.0, and people had
Expand Down Expand Up @@ -12521,12 +12523,11 @@ sub _hdlr_comment_reply_link {
my $comment = $ctx->stash('comment') or return $ctx->_no_comment_error();

my $label = $args->{label} || $args->{text} || MT->translate('Reply');
my $comment_author
= MT::Util::encode_html( MT::Util::encode_js( $comment->author ) );
my $comment_author = MT::Util::encode_html(
MT::Util::encode_html( MT::Util::encode_js( $comment->author ) ), 1 );
my $onclick
= sprintf( $args->{onclick} || "mtReplyCommentOnClick(%d, '%s')",
$comment->id, $comment_author );

return
sprintf(
qq(<a title="%s" href="javascript:void(0);" onclick="$onclick">%s</a>),
Expand Down Expand Up @@ -18170,6 +18171,7 @@ sub _hdlr_assets {
AssetsFooter => !defined $assets[ $i + 1 ],
}
);
return $ctx->error( $builder->errstr ) unless defined $out;
$res .= $out;
$row_count++;
$row_count = 0 if $row_count > $per_row;
Expand Down Expand Up @@ -18771,6 +18773,8 @@ sub _hdlr_asset_property {
$ret = 0;
}
else {
$a->has_column($prop)
or return $ctx->error(MT->translate("You have an error in your '[_2]' attribute: [_1]", $prop, 'property'));
$ret = $a->$prop || '';
}

Expand Down Expand Up @@ -21727,18 +21731,17 @@ sub _hdlr_pager_link {
$link .= '?';
}
}
$link .= "limit=$limit";
$link .= "limit=" . encode_url($limit);

#$link .= "&offset=$offset" if $offset;
$link .= "&category=$category" if $category;
$link .= "&author=$author" if $author;
$link .= "&page=$page" if $page;
$link .= "&year=$year" if $year;
$link .= "&month=$month" if $month;
$link .= "&day=$day" if $day;
$link .= "&archive_type=$archive_type" if $archive_type;
$link .= "&template_id=$template_id" if $template_id;

$link .= "&category=" . encode_url($category) if $category;
$link .= "&author=" . encode_url($author) if $author;
$link .= "&page=" . encode_url($page) if $page;
$link .= "&year=" . encode_url($year) if $year;
$link .= "&month=" . encode_url($month) if $month;
$link .= "&day=" . encode_url($day) if $day;
$link .= "&archive_type=" . encode_url($archive_type) if $archive_type;
$link .= "&template_id=" . encode_url($template_id) if $template_id;
return $link;
} ## end sub _hdlr_pager_link

Expand Down
2 changes: 1 addition & 1 deletion php/extlib/ezsql/ezsql_postgres.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ function get_insert_id($query)

// try to find table name

eregi ("insert *into *([^ ]+).*", $query, $regs);
preg_match ("/insert *into *([^ ]+).*/i", $query, $regs);

//print_r($regs);

Expand Down
23 changes: 19 additions & 4 deletions php/lib/mtdb_base.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,8 @@ function MTDatabaseBase($dbuser, $dbpassword = '', $dbname = '',
function unserialize($data) {
if (!$this->serializer) {
require_once("MTSerialize.php");
$this->serializer =& new MTSerialize();
$serializer = new MTSerialize();
$this->serializer =& $serializer;
}
return $this->serializer->unserialize($data);
}
Expand All @@ -66,9 +67,8 @@ function query($query) {
parent::query($query);
}

function &resolve_url($path, $blog_id) {
function &resolve_url($path, $blog_id, $build_type = 3) {
$path = preg_replace('!/$!', '', $path);
$path = $this->escape($path);
$blog_id = intval($blog_id);
# resolve for $path -- one of:
# /path/to/file.html
Expand All @@ -90,7 +90,7 @@ function &resolve_url($path, $blog_id) {
and template_type != 'backup'
order by length(fileinfo_url) asc
";
$rows = $this->get_results(sprintf($sql,$p), ARRAY_A);
$rows = $this->get_results(sprintf($sql,$this->escape($p)), ARRAY_A);
if ($rows) {
break;
}
Expand All @@ -100,6 +100,21 @@ function &resolve_url($path, $blog_id) {

$found = false;
foreach ($rows as $row) {
if ( !empty( $build_type ) ) {
if ( !is_array( $build_type ) ) {
$build_type_array = array( $build_type );
} else {
$build_type_array = $build_type;
}

$type = isset($row['templatemap_build_type']) && strlen($row['templatemap_build_type']) > 0
? $row['templatemap_build_type'] : $row['template_build_type'];

if ( !in_array( $type, $build_type_array ) ) {
continue;
}
}

$fiurl = $row['fileinfo_url'];
if ($fiurl == $path) {
$found = true;
Expand Down
11 changes: 6 additions & 5 deletions php/mt.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@
# $Id$

if('__MAKE_ME__' == '__MAKE_' . 'ME__') { # If make is not run
define('VERSION', '4.34');
define('VERSION_ID', '1.0.0b2 (build 30)');
define('PRODUCT_VERSION', '0.9.30');
define('VERSION', '4.35');
define('VERSION_ID', '1.0.0b2 (build 31)');
define('PRODUCT_VERSION', '0.9.31');
define('PRODUCT_NAME', 'Melody');
} else {
define('VERSION', '__API_VERSION__');
Expand Down Expand Up @@ -208,7 +208,7 @@ function configure($file = null) {
if ($fp = file($file)) {
foreach ($fp as $line) {
// search through the file
if (!ereg('^\s*\#',$line)) {
if (!preg_match('/^\s*\#/',$line)) {
// ignore lines starting with the hash symbol
if (preg_match('/^\s*(\S+)\s+(.*)$/', $line, $regs)) {
$key = strtolower(trim($regs[1]));
Expand Down Expand Up @@ -299,7 +299,7 @@ function configure_from_db() {
$data = preg_split('/[\r?\n]/', $data);
foreach ($data as $line) {
// search through the file
if (!ereg('^\s*\#',$line)) {
if (!preg_match('/^\s*\#/',$line)) {
// ignore lines starting with the hash symbol
if (preg_match('/^\s*(\S+)\s+(.*)$/', $line, $regs)) {
$key = strtolower(trim($regs[1]));
Expand Down Expand Up @@ -462,6 +462,7 @@ function view($blog_id = null) {
}

// now set the path so it may be queried
$path = preg_replace('/\\\\/', '\\\\\\\\', $path );
$this->request = $path;

// When we are invoked as an ErrorDocument, the parameters are
Expand Down

0 comments on commit 69137c8

Please sign in to comment.