From 9e4f303742fd6b7ba252c99bd55e84d9dfd12f8d Mon Sep 17 00:00:00 2001
From: sw <939547590@qq.com>
Date: Sat, 23 May 2015 17:18:13 +0800
Subject: [PATCH 1/4] =?UTF-8?q?=E8=BF=98=E5=8E=9F=E9=83=A8=E5=88=86?=
 =?UTF-8?q?=E4=BB=A3=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/avatar_controller.rb | 62 ++++++++++++++++------------
 1 file changed, 35 insertions(+), 27 deletions(-)

diff --git a/app/controllers/avatar_controller.rb b/app/controllers/avatar_controller.rb
index b6efaef0c..afd206c92 100644
--- a/app/controllers/avatar_controller.rb
+++ b/app/controllers/avatar_controller.rb
@@ -29,43 +29,51 @@ class AvatarController < ApplicationController
     end
 
     if  @temp_file && (@temp_file.size > 0)
-      diskfile=disk_filename(@source_type,@source_id)
-      @urlfile='/' << File.join("images","avatars",avatar_directory(@source_type),avatar_filename(@source_id,@image_file))
+      if @temp_file.size > Setting.upload_avatar_max_size.to_i
+        @status = 1
+        @msg = l(:error_upload_avatar_to_large, :max_size => number_to_human_size(Setting.upload_avatar_max_size.to_i))
+      elsif Trustie::Utils::Image.new(@temp_file.tempfile.path).image?
+        diskfile=disk_filename(@source_type,@source_id)
+        @urlfile='/' << File.join("images","avatars",avatar_directory(@source_type),avatar_filename(@source_id,@image_file))
 
-      # 用户头像上传时进行特别处理
-      if  @source_type == 'User'
-        diskfile += "temp"
-        @urlfile += "temp"
-      end
+        # 用户头像上传时进行特别处理
+        if  @source_type == 'User'
+          diskfile += "temp"
+          @urlfile += "temp"
+        end
 
-      logger.info("Saving avatar '#{diskfile}' (#{@temp_file.size} bytes)")
-      path = File.dirname(diskfile)
-      unless File.directory?(path)
-        FileUtils.mkdir_p(path)
-      end
-      md5 = Digest::MD5.new
-      File.open(diskfile, "wb") do |f|
-        if @temp_file.respond_to?(:read)
-          buffer = ""
-          while (buffer = @temp_file.read(8192))
-            f.write(buffer)
-            md5.update(buffer)
+        logger.info("Saving avatar '#{diskfile}' (#{@temp_file.size} bytes)")
+        path = File.dirname(diskfile)
+        unless File.directory?(path)
+          FileUtils.mkdir_p(path)
+        end
+        md5 = Digest::MD5.new
+        File.open(diskfile, "wb") do |f|
+          if @temp_file.respond_to?(:read)
+            buffer = ""
+            while (buffer = @temp_file.read(8192))
+              f.write(buffer)
+              md5.update(buffer)
+            end
+          else
+            f.write(@temp_file)
+            md5.update(@temp_file)
           end
-        else
-          f.write(@temp_file)
-          md5.update(@temp_file)
         end
+
+        Trustie::Utils::Image.new(diskfile,true).compress(300)
+        @status = 0
+        @msg = ''
+      else
+        @status = 2
+        @msg = l(:not_valid_image_file)
       end
-#    self.digest = md5.hexdigest
     end
     @temp_file = nil
 
-    image = Trustie::Utils::Image.new(diskfile,true)
-    image.compress(300)
-
     respond_to do |format|
       format.json{
-        render :inline => "#{@urlfile.to_s}?#{Time.now.to_i}",:content_type => 'text/html'
+        render :inline => {status: @status, message:@msg, url:"#{@urlfile.to_s}?#{Time.now.to_i}"}.to_json,:content_type => 'text/html'
         return
       }
       format.js

From 6f1573881712d5b7e6e399b2e1bfa620657ec7a4 Mon Sep 17 00:00:00 2001
From: guange <8863824@gmail.com>
Date: Thu, 28 May 2015 12:23:56 +0800
Subject: [PATCH 2/4] =?UTF-8?q?=E6=8D=A2=E4=B8=80=E4=B8=AAautologin,?=
 =?UTF-8?q?=E8=A7=A3=E5=86=B3=E8=80=81=E6=95=B0=E6=8D=AE=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/account_controller.rb     | 4 +++-
 app/controllers/application_controller.rb | 6 +++++-
 config/configuration.yml                  | 5 ++---
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index dc1cceb87..181f76b22 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -336,9 +336,11 @@ class AccountController < ApplicationController
       :expires => 1.month.from_now,
       :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
       :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
-      :domain => Redmine::Configuration['cookie_domain'],
       :httponly => true
     }
+    if Redmine::Configuration['cookie_domain'].present?
+      cookie_options = cookie_options.merge(domain: Redmine::Configuration['cookie_domain'])
+    end
     cookies[autologin_cookie_name] = cookie_options
   end
 
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 88cd51d67..10e5e6f06 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -199,7 +199,11 @@ class ApplicationController < ActionController::Base
   # Logs out current user
   def logout_user
     if User.current.logged?
-      cookies.delete(autologin_cookie_name, domain: :all)
+      if Redmine::Configuration['cookie_domain'].present?
+        cookies.delete(autologin_cookie_name, domain: Redmine::Configuration['cookie_domain'])
+      else
+        cookies.delete autologin_cookie_name
+      end
       # Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
       self.logged_user = nil
     end
diff --git a/config/configuration.yml b/config/configuration.yml
index 45e307157..390754a87 100644
--- a/config/configuration.yml
+++ b/config/configuration.yml
@@ -90,7 +90,6 @@ default:
       user_name: "huang.jingquan@163.com"
       password: 'xinhu1ji2qu366'
 
-  cookie_domain: ".trustie.net"
   # Absolute path to the directory where attachments are stored.
   # The default is the 'files' directory in your Redmine instance.
   # Your Redmine instance needs to have write permission on this
@@ -104,7 +103,7 @@ default:
   # autologin_cookie_name: the name of the cookie (default: autologin)
   # autologin_cookie_path: the cookie path (default: /)
   # autologin_cookie_secure: true sets the cookie secure flag (default: false)
-  autologin_cookie_name:
+  autologin_cookie_name: "autologin_trustie"
   autologin_cookie_path:
   autologin_cookie_secure:
 
@@ -201,7 +200,7 @@ default:
 # specific configuration options for production environment
 # that overrides the default ones
 production:
-  # CJK support
+  cookie_domain: ".trustie.net"
   rmagick_font_path: /usr/share/fonts/ipa-mincho/ipam.ttf
   email_delivery:
     delivery_method: :smtp

From 8dd6bb4afa886d1a04edf82799b5482128f83576 Mon Sep 17 00:00:00 2001
From: sw <939547590@qq.com>
Date: Fri, 29 May 2015 18:11:31 +0800
Subject: [PATCH 3/4] =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E9=A6=96=E9=A1=B5?=
 =?UTF-8?q?=E5=85=AC=E5=BC=80=E8=B5=84=E6=96=99=E6=95=B0=E6=98=BE=E7=A4=BA?=
 =?UTF-8?q?=E9=94=99=E8=AF=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/views/welcome/_course_list.html.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/welcome/_course_list.html.erb b/app/views/welcome/_course_list.html.erb
index 111c0abb1..d51bcc8f7 100644
--- a/app/views/welcome/_course_list.html.erb
+++ b/app/views/welcome/_course_list.html.erb
@@ -25,7 +25,7 @@
             <%= link_to course.school.name.try(:gsub, /(.+)$/, '\1'), options={:action => 'course', :school_id => course.school.id}, html_options={:method => 'get'} %>
         <% end %>
         (<%= course.members.count %>人)
-        <% files_count = course.attachments.count %>
+        <% files_count = visable_attachemnts_incourse(course).count %>
         <% if files_count > 0%>
             (<%= link_to "#{files_count.to_s}份", course_files_path(course) %>公开资料)
         <% end %>

From b5dc4247144cb073fd4164a6cbc5f7f498155602 Mon Sep 17 00:00:00 2001
From: sw <939547590@qq.com>
Date: Fri, 29 May 2015 18:35:19 +0800
Subject: [PATCH 4/4] =?UTF-8?q?bid=E8=B6=85=E8=BF=8720=E8=A1=8C=E6=89=8D?=
 =?UTF-8?q?=E6=98=BE=E7=A4=BA=E6=9B=B4=E5=A4=9A=E6=8C=89=E9=92=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/views/courses/homework.html.erb | 2 +-
 public/stylesheets/courses.css      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/courses/homework.html.erb b/app/views/courses/homework.html.erb
index 7b74351cd..32728adf0 100644
--- a/app/views/courses/homework.html.erb
+++ b/app/views/courses/homework.html.erb
@@ -31,7 +31,7 @@
         <% end %>
         <div class="cl"></div>
         <script>
-            $(function(){if($("#bid_description_<%= bid.id%>_content").height()>38){$("#bid_show_more_des_button<%= bid.id%>").show();}});
+            $(function(){if($("#bid_description_<%= bid.id%>_content").height()>360){$("#bid_show_more_des_button<%= bid.id%>").show();}});
         </script>
         <div  id="bid_description_<%= bid.id%>" class="news_description mt5">
           <div id="bid_description_<%= bid.id%>_content" class="upload_img">
diff --git a/public/stylesheets/courses.css b/public/stylesheets/courses.css
index 5333b91a7..d27895b03 100644
--- a/public/stylesheets/courses.css
+++ b/public/stylesheets/courses.css
@@ -19,7 +19,7 @@ a:hover.project_name{ color:#016f33;}
 a.project_txt02{ color:#0781b4; width:618px; display:block; float:left;  overflow:hidden; white-space: nowrap; text-overflow:ellipsis;}
 a:hover.project_txt{ color:#066e9a;}
 .noline{ border-bottom:none;}
-.news_description{max-height: 38px;overflow:hidden; }
+.news_description{max-height: 360px;overflow:hidden; }
 .news_description_none{max-height: none;}
 a.news_foot{ border:1px solid #e8eef2; color: #929598; text-align:center; width:600px; height:20px; padding-top:3px; cursor:pointer;}
 a:hover.news_foot{ color:#787b7e; border:1px solid #d4d4d4;}