diff --git a/3.0/modules/digibug/config/digibug.php b/3.0/modules/digibug/config/digibug.php
new file mode 100644
index 00000000..9412ca96
--- /dev/null
+++ b/3.0/modules/digibug/config/digibug.php
@@ -0,0 +1,29 @@
+ email address that appears as the from address
+ * line-length => word wrap length (PHP documentations suggest no larger tha 70 characters
+ * reply-to => what goes into the reply to header
+ */
+$config["ranges"] = array(
+ "Digibug1" => array("low" => "65.249.152.0", "high" => "65.249.159.255"),
+ "Digibug2" => array("low" => "208.122.55.0", "high" => "208.122.55.255")
+);
diff --git a/3.0/modules/digibug/controllers/admin_digibug.php b/3.0/modules/digibug/controllers/admin_digibug.php
new file mode 100644
index 00000000..50f6f832
--- /dev/null
+++ b/3.0/modules/digibug/controllers/admin_digibug.php
@@ -0,0 +1,27 @@
+page_title = t("Digibug");
+ $v->content = new View("admin_digibug.html");
+ print $v;
+ }
+}
\ No newline at end of file
diff --git a/3.0/modules/digibug/controllers/digibug.php b/3.0/modules/digibug/controllers/digibug.php
new file mode 100644
index 00000000..19199188
--- /dev/null
+++ b/3.0/modules/digibug/controllers/digibug.php
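Review bot: The comment block above `$config["ranges"]` documents `line-length` and `reply-to`, which are mail settings that this file does not define, while `ranges` itself has no description. These low/high pairs are the allow-list that `print_proxy` checks before serving a full-size image, so I would replace the block with something like `ranges => inclusive IPv4 low/high pairs allowed to request full-size images via digibug/print_proxy`. The top of the docblock is not visible in the hunk as shown, so its first entry may read differently in the file.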
@@ -0,0 +1,121 @@
+file_url(true);
+ $thumb_url = $item->thumb_url(true);
+ } else {
+ $proxy = ORM::factory("digibug_proxy");
+ $proxy->uuid = random::hash();
+ $proxy->item_id = $item->id;
+ $proxy->save();
+ $full_url = url::abs_site("digibug/print_proxy/full/$proxy->uuid/$item->id");
+ $thumb_url = url::abs_site("digibug/print_proxy/thumb/$proxy->uuid/$item->id");
+ }
+
+ $v = new View("digibug_form.html");
+ $v->order_params = array(
+ "digibug_api_version" => "100",
+ "company_id" => module::get_var("digibug", "company_id"),
+ "event_id" => module::get_var("digibug", "event_id"),
+ "cmd" => "addimg",
+ "partner_code" => "69",
+ "return_url" => url::abs_site("digibug/close_window"),
+ "num_images" => "1",
+ "image_1" => $full_url,
+ "thumb_1" => $thumb_url,
+ "image_height_1" => $item->height,
+ "image_width_1" => $item->width,
+ "thumb_height_1" => $item->thumb_height,
+ "thumb_width_1" => $item->thumb_width,
+ "title_1" => html::purify($item->title));
+
+ print $v;
+ }
+
+ public function print_proxy($type, $uuid) {
+ // If its a request for the full size then make sure we are coming from an
+ // authorized address
+ if ($type == "full") {
+ $remote_addr = ip2long(Input::instance()->server("REMOTE_ADDR"));
+ if ($remote_addr === false) {
+ throw new Kohana_404_Exception();
+ }
+ $config = Kohana::config("digibug");
+
+ $authorized = false;
+ foreach ($config["ranges"] as $ip_range) {
+ $low = ip2long($ip_range["low"]);
+ $high = ip2long($ip_range["high"]);
+ $authorized = $low !== false && $high !== false &&
+ $low <= $remote_addr && $remote_addr <= $high;
+ if ($authorized) {
+ break;
+ }
+ }
+ if (!$authorized) {
+ throw new Kohana_404_Exception();
+ }
+ }
+
+ $proxy = ORM::factory("digibug_proxy")->where("uuid", "=", $uuid)->find();
+ if (!$proxy->loaded() || !$proxy->item->loaded()) {
+ throw new Kohana_404_Exception();
+ }
+
+ $file = $type == "full" ? $proxy->item->file_path() : $proxy->item->thumb_path();
+ if (!file_exists($file)) {
+ throw new Kohana_404_Exception();
+ }
+
+ // We don't need to save the session for this request
+ Session::instance()->abort_save();
+
+ if (!TEST_MODE) {
+ // Dump out the image
+ header("Content-Type: {$proxy->item->mime_type}");
+ Kohana::close_buffers(false);
+ $fd = fopen($file, "rb");
+ fpassthru($fd);
+ fclose($fd);
+ }
+
+ $this->_clean_expired();
+ }
+
+ public function close_window() {
+ print "";
+ }
+
+ private function _clean_expired() {
+ db::build()
+ ->delete("digibug_proxies")
+ ->where("request_date", "<=", db::expr("(CURDATE() - INTERVAL 90 DAY)"))
+ ->limit(20)
+ ->execute();
+ }
+}
\ No newline at end of file
diff --git a/3.0/modules/digibug/helpers/digibug_event.php b/3.0/modules/digibug/helpers/digibug_event.php
new file mode 100644
index 00000000..eaebc87b
--- /dev/null
+++ b/3.0/modules/digibug/helpers/digibug_event.php
@@ -0,0 +1,52 @@
+get("settings_menu")
+ ->append(Menu::factory("link")
+ ->id("digibug_menu")
+ ->label(t("Digibug"))
+ ->url(url::site("admin/digibug")));
+ }
+
+ static function site_menu($menu, $theme) {
+ $item = $theme->item();
+ if ($item && $item->type == "photo") {
+ $menu->get("options_menu")
+ ->append(Menu::factory("link")
+ ->id("digibug")
+ ->label(t("Print with Digibug"))
+ ->url(url::site("digibug/print_photo/$item->id?csrf=$theme->csrf"))
+ ->css_id("g-print-digibug-link")
+ ->css_class("g-print-digibug-link ui-icon-print"));
+ }
+ }
+
+ static function context_menu($menu, $theme, $item) {
+ if ($item->type == "photo") {
+ $menu->get("options_menu")
+ ->append(Menu::factory("link")
+ ->id("digibug")
+ ->label(t("Print with Digibug"))
+ ->url(url::site("digibug/print_photo/$item->id?csrf=$theme->csrf"))
+ ->css_class("g-print-digibug-link ui-icon-print"));
+ }
+ }
+}
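Review bot: The lookup in `print_proxy` accepts any `digibug_proxies` row that matches the uuid, regardless of `request_date`, so the 90-day lifetime is enforced only by `_clean_expired()`, which runs after the image has been sent and removes at most 20 rows per call. A token therefore stays usable until a later request happens to delete it; adding `->where("request_date", ">", db::expr("(CURDATE() - INTERVAL 90 DAY)"))` to the `ORM::factory("digibug_proxy")` query would make expiry part of the check itself. Separately, `$fd = fopen($file, "rb")` is handed to `fpassthru()` without testing for `false`, and any `$type` other than `"full"` skips the address check and is served the thumbnail, which deserves a comment if that is intended. The start of `print_photo` is not visible in the hunk as shown.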
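Review bot: Both `site_menu` and `context_menu` put the CSRF token in the query string of a plain link (`digibug/print_photo/$item->id?csrf=$theme->csrf`), so it ends up in browser history and web-server access logs. It would also travel in the `Referer` header if the page rendered by `print_photo` posts to or loads anything from an external host; the form view is not part of this hunk, so that last step is an inference. If the token has to stay in the URL, a comment explaining why a GET is used here and a restrictive referrer policy on that response would limit the exposure. The `->url(...)` expression is duplicated verbatim in the two methods and could come from one shared helper.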
diff --git a/3.0/modules/digibug/helpers/digibug_installer.php b/3.0/modules/digibug/helpers/digibug_installer.php
new file mode 100644
index 00000000..be88b5ec
--- /dev/null
+++ b/3.0/modules/digibug/helpers/digibug_installer.php
@@ -0,0 +1,51 @@
+query("CREATE TABLE {digibug_proxies} (
+ `id` int(9) NOT NULL AUTO_INCREMENT,
+ `uuid` char(32) NOT NULL,
+ `request_date` TIMESTAMP NOT NULL DEFAULT current_timestamp,
+ `item_id` int(9) NOT NULL,
+ PRIMARY KEY (`id`))
+ DEFAULT CHARSET=utf8;");
+
+ module::set_var("digibug", "company_id", "3153");
+ module::set_var("digibug", "event_id", "8491");
+ }
+
+ static function upgrade($version) {
+ if ($version == 1) {
+ module::clear_var("digibug", "default_company_id");
+ module::clear_var("digibug", "default_event_id");
+ module::clear_var("digibug", "basic_default_company_id");
+ module::clear_var("digibug", "basic_event_id");
+ module::set_var("digibug", "company_id", "3153");
+ module::set_var("digibug", "event_id", "8491");
+ module::set_version("digibug", $version = 2);
+ }
+ }
+
+ static function uninstall() {
+ Database::instance()->query("DROP TABLE IF EXISTS {digibug_proxies}");
+ module::delete("digibug");
+ }
+}
diff --git a/3.0/modules/digibug/helpers/digibug_theme.php b/3.0/modules/digibug/helpers/digibug_theme.php
new file mode 100644
index 00000000..e3795c3b
--- /dev/null
+++ b/3.0/modules/digibug/helpers/digibug_theme.php
@@ -0,0 +1,24 @@
+script("digibug.js");
+ }
+}
diff --git a/3.0/modules/digibug/images/digibug_logo.png b/3.0/modules/digibug/images/digibug_logo.png
new file mode 100644
index 00000000..5eac2c7d
Binary files /dev/null and b/3.0/modules/digibug/images/digibug_logo.png differ
diff --git a/3.0/modules/digibug/js/digibug.js b/3.0/modules/digibug/js/digibug.js
new file mode 100644
index 00000000..46ddac52
--- /dev/null
+++ b/3.0/modules/digibug/js/digibug.js
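Review bot: `digibug_proxies.uuid` is created as `char(32) NOT NULL` with no index or uniqueness constraint, although `print_proxy` in controllers/digibug.php selects rows by that column alone and treats the value as the access token. Adding `UNIQUE KEY (uuid)` after the primary key in the `CREATE TABLE` statement would keep that lookup off a full table scan and make a duplicate token fail at insert time. `upgrade()` from version 1 only rewrites module variables; if version 1 installs did not already have this table (not visible here), the upgrade path would need to create it as well. The opening lines of `install()` are not visible in the hunk as shown.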
@@ -0,0 +1,43 @@
+$(document).ready(function() {
+ $(".g-print-digibug-link").click(function(e) {
+ e.preventDefault();
+ return digibug_popup(e.currentTarget.href, { width: 800, height: 600 } );
+ });
+});
+
+function digibug_popup(url, options) {
+ options = $.extend({
+ /* default options */
+ width: '800',
+ height: '600',
+ target: 'dbPopWin',
+ scrollbars: 'yes',
+ resizable: 'no',
+ menuBar: 'no',
+ addressBar: 'yes'
+ }, options);
+
+ // center the window by default.
+ if (!options.winY) {
+ options.winY = screen.height / 2 - options.height / 2;
+ };
+ if (!options.winX) {
+ options.winX = screen.width / 2 - options.width / 2;
+ };
+
+ open(
+ url,
+ options['target'],
+ 'width= ' + options.width +
+ ',height=' + options.height +
+ ',top=' + options.winY +
+ ',left=' + options.winX +
+ ',scrollbars=' + options.scrollbars +
+ ',resizable=' + options.resizable +
+ ',menubar=' + options.menuBar +
+ ',location=' + options.addressBar
+ );
+
+ return false;
+
+}
diff --git a/3.0/modules/digibug/models/digibug_proxy.php b/3.0/modules/digibug/models/digibug_proxy.php
new file mode 100644
index 00000000..18c77d49
--- /dev/null
+++ b/3.0/modules/digibug/models/digibug_proxy.php
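Review bot: `digibug_popup` calls `open()` without `noopener` in the feature string, so whatever page ends up in the popup keeps a `window.opener` reference to the gallery page. `print_photo` in controllers/digibug.php builds order parameters for an external service, so the popup presumably leaves this origin. If the close-window flow does not rely on the opener, appending `',noopener'` to the feature string removes that handle. Two smaller points in the same function: `'width= '` has a stray space after `=`, and `if (!options.winY)` treats an explicit `0` as unset.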
@@ -0,0 +1,22 @@
+_server = $_SERVER;
+ }
+
+ public function teardown() {
+ $_SERVER = $this->_server;
+ }
+
+ private function _get_proxy() {
+ $album = test::random_album();
+ $photo = test::random_photo($album);
+
+ access::deny(identity::everybody(), "view_full", $album);
+ access::deny(identity::registered_users(), "view_full", $album);
+
+ $proxy = ORM::factory("digibug_proxy");
+ $proxy->uuid = random::hash();
+ $proxy->item_id = $photo->id;
+ return $proxy->save();
+ }
+
+ public function digibug_request_thumb_test() {
+ $proxy = $this->_get_proxy();
+
+ $controller = new Digibug_Controller();
+ $controller->print_proxy("thumb", $proxy->uuid);
+ }
+
+ public function digibug_request_full_malicious_ip_test() {
+ $_SERVER["REMOTE_ADDR"] = "123.123.123.123";
+ try {
+ $controller = new Digibug_Controller();
+ $controller->print_proxy("full", $this->_get_proxy()->uuid);
+ $this->assert_true(false, "Should have failed with an 404 exception");
+ } catch (Kohana_404_Exception $e) {
+ // expected behavior
+ }
+ }
+
+ public function digibug_request_full_authorized_ip_test() {
+ $config = Kohana::config("digibug");
+ $this->assert_true(!empty($config), "The Digibug config is empty");
+
+ $ranges = array_values($config["ranges"]);
+ $low = ip2long($ranges[0]["low"]);
+ $high = ip2long($ranges[0]["high"]);
+
+ $_SERVER["REMOTE_ADDR"] = long2ip(rand($low, $high));
+ $controller = new Digibug_Controller();
+ $controller->print_proxy("full", $this->_get_proxy()->uuid);
+ }
+}
diff --git a/3.0/modules/digibug/views/admin_digibug.html.php b/3.0/modules/digibug/views/admin_digibug.html.php
new file mode 100644
index 00000000..d673b116
--- /dev/null
+++ b/3.0/modules/digibug/views/admin_digibug.html.php
@@ -0,0 +1,20 @@
+
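Review bot: `digibug_request_full_authorized_ip_test` picks its address with `rand($low, $high)` from the first configured range only, so a failing run cannot be reproduced and the inclusive bounds of the allow-list are never exercised. I would test fixed addresses instead: each range's `low` and `high` (expected to pass) and the addresses just outside them (expected to raise `Kohana_404_Exception`), looping over every entry in `$config["ranges"]`. `digibug_request_thumb_test` makes no assertion, so it only shows that the call does not throw. The file header and opening lines of this test class are not visible in the hunk as shown.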
+ = t("Turn your photos into a wide variety of prints, gifts and games!") ?> +
++ = t("You don't need an account with Digibug, but if you register with Digibug and enter your Digibug id in the Advanced Settings page you can make money off of your photos!", + array("signup_url" => "http://www.digibug.com/signup.php", + "advanced_settings_url" => html::mark_clean(url::site("admin/advanced_settings")))) ?> +
+