fixes #2133

Gemfile

@@ -11,14 +11,12 @@ group :test do
   gem "timecop"
 end
 
-group :assets do
+gem 'protected_attributes'
-  gem "sass-rails"
+gem "sass-rails", "~> 4.0.0"
-  gem "uglifier", ">= 1.0.3"
+gem "uglifier"
-  gem "therubyracer", :platforms => :ruby
+gem "therubyracer", :platforms => :ruby
-end
-
 gem "pry", :group => [:test, :development]
-gem "rails"
+gem "rails", "~> 4.1.0"
 gem "pg"
 gem "kgio"
 gem "dalli"
@@ -37,11 +35,15 @@ gem 'newrelic_rpm'
 gem 'term-ansicolor', :require => "term/ansicolor"
 gem 'diff-lcs', :require => "diff/lcs/array"
 gem 'bcrypt-ruby', :require => "bcrypt"
-gem 'aws-s3', :require => "aws/s3"
 gem 'awesome_print'
 gem 'statistics2'
+
+# needed for looser jpeg header compat
 gem 'ruby-imagespec', :require => "image_spec", :git => "https://github.com/r888888888/ruby-imagespec.git", :branch => "exif-fixes"
 
+# needed for rails 4.1.0 compat
+gem 'aws-s3', :require => "aws/s3", :git => "https://github.com/fnando/aws-s3.git"
+
 group :production do
   gem 'unicorn', :platforms => :ruby
   gem 'capistrano-unicorn', :require => false

Gemfile.lock

@@ -1,3 +1,12 @@
+GIT
+  remote: https://github.com/fnando/aws-s3.git
+  revision: fef95c2dc17758f3e417630e794fcfad76eb33b3
+  specs:
+    aws-s3 (0.6.3)
+      builder
+      mime-types
+      xml-simple
+
 GIT
   remote: https://github.com/r888888888/ruby-imagespec.git
   revision: 2dab9811f4abb4fbaeea66feb42e388ba545b2d8
@@ -8,83 +17,79 @@ GIT
 GEM
   remote: http://gemcutter.org/
   specs:
-    actionmailer (3.2.17)
+    actionmailer (4.1.0)
-      actionpack (= 3.2.17)
+      actionpack (= 4.1.0)
+      actionview (= 4.1.0)
       mail (~> 2.5.4)
-    actionpack (3.2.17)
+    actionpack (4.1.0)
-      activemodel (= 3.2.17)
+      actionview (= 4.1.0)
-      activesupport (= 3.2.17)
+      activesupport (= 4.1.0)
-      builder (~> 3.0.0)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    actionview (4.1.0)
+      activesupport (= 4.1.0)
+      builder (~> 3.1)
       erubis (~> 2.7.0)
-      journey (~> 1.0.4)
+    activemodel (4.1.0)
-      rack (~> 1.4.5)
+      activesupport (= 4.1.0)
-      rack-cache (~> 1.2)
+      builder (~> 3.1)
-      rack-test (~> 0.6.1)
+    activerecord (4.1.0)
-      sprockets (~> 2.2.1)
+      activemodel (= 4.1.0)
-    activemodel (3.2.17)
+      activesupport (= 4.1.0)
-      activesupport (= 3.2.17)
+      arel (~> 5.0.0)
-      builder (~> 3.0.0)
+    activesupport (4.1.0)
-    activerecord (3.2.17)
+      i18n (~> 0.6, >= 0.6.9)
-      activemodel (= 3.2.17)
+      json (~> 1.7, >= 1.7.7)
-      activesupport (= 3.2.17)
+      minitest (~> 5.1)
-      arel (~> 3.0.2)
+      thread_safe (~> 0.1)
-      tzinfo (~> 0.3.29)
+      tzinfo (~> 1.1)
-    activeresource (3.2.17)
+    addressable (2.3.6)
-      activemodel (= 3.2.17)
+    arel (5.0.1.20140414130214)
-      activesupport (= 3.2.17)
+    awesome_print (1.2.0)
-    activesupport (3.2.17)
+    bcrypt (3.1.7)
-      i18n (~> 0.6, >= 0.6.4)
+    bcrypt-ruby (3.1.5)
-      multi_json (~> 1.0)
+      bcrypt (>= 3.1.3)
-    addressable (2.3.5)
+    builder (3.2.2)
-    arel (3.0.3)
-    awesome_print (1.1.0)
-    aws-s3 (0.6.3)
-      builder
-      mime-types
-      xml-simple
-    bcrypt-ruby (3.1.1)
-    builder (3.0.4)
     capistrano (2.15.5)
       highline
       net-scp (>= 1.0.0)
       net-sftp (>= 2.0.0)
       net-ssh (>= 2.0.14)
       net-ssh-gateway (>= 1.1.0)
-    capistrano-unicorn (0.1.10)
+    capistrano-unicorn (0.2.0)
-      capistrano
+      capistrano (< 3.0)
-    chronic (0.9.1)
+    chronic (0.10.2)
-    coderay (1.0.9)
+    coderay (1.1.0)
-    crack (0.4.1)
+    crack (0.4.2)
-      safe_yaml (~> 0.9.0)
+      safe_yaml (~> 1.0.0)
     daemons (1.1.9)
-    dalli (2.6.4)
+    dalli (2.7.0)
-    delayed_job (4.0.0)
+    delayed_job (4.0.1)
-      activesupport (>= 3.0, < 4.1)
+      activesupport (>= 3.0, < 4.2)
-    delayed_job_active_record (4.0.0)
+    delayed_job_active_record (4.0.1)
-      activerecord (>= 3.0, < 4.1)
+      activerecord (>= 3.0, < 4.2)
       delayed_job (>= 3.0, < 4.1)
-    diff-lcs (1.2.4)
+    diff-lcs (1.2.5)
-    domain_name (0.5.12)
+    docile (1.1.3)
+    domain_name (0.5.18)
       unf (>= 0.0.5, < 1.0.0)
     erubis (2.7.0)
-    execjs (1.4.0)
+    execjs (2.0.2)
-      multi_json (~> 1.0)
+    factory_girl (4.4.0)
-    factory_girl (4.2.0)
       activesupport (>= 3.0.0)
-    ffaker (1.18.0)
+    ffaker (1.24.0)
-    highline (1.6.19)
+    highline (1.6.21)
     hike (1.2.3)
-    http-cookie (1.0.1)
+    http-cookie (1.0.2)
       domain_name (~> 0.5)
     i18n (0.6.9)
-    journey (1.0.4)
     json (1.8.1)
-    kgio (2.8.0)
+    kgio (2.9.2)
-    libv8 (3.11.8.17)
+    libv8 (3.16.14.3)
     mail (2.5.4)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
-    mechanize (2.7.1)
+    mechanize (2.7.2)
       domain_name (~> 0.5, >= 0.5.1)
       http-cookie (~> 1.0.0)
       mime-types (~> 1.17, >= 1.17.2)
@@ -93,128 +98,133 @@ GEM
       nokogiri (~> 1.4)
       ntlm-http (~> 0.1, >= 0.1.1)
       webrobots (>= 0.0.9, < 0.2)
-    metaclass (0.0.1)
+    metaclass (0.0.4)
     method_source (0.8.2)
     mime-types (1.25.1)
-    mini_portile (0.5.1)
+    mini_portile (0.5.3)
-    mocha (0.14.0)
+    minitest (5.3.2)
+    mocha (1.0.0)
       metaclass (~> 0.0.1)
-    multi_json (1.8.4)
+    multi_json (1.9.2)
     net-http-digest_auth (1.4)
-    net-http-persistent (2.9)
+    net-http-persistent (2.9.4)
-    net-scp (1.1.2)
+    net-scp (1.2.0)
       net-ssh (>= 2.6.5)
     net-sftp (2.1.2)
       net-ssh (>= 2.6.5)
-    net-ssh (2.6.8)
+    net-ssh (2.8.0)
     net-ssh-gateway (1.2.0)
       net-ssh (>= 2.6.5)
-    newrelic_rpm (3.6.6.147)
+    newrelic_rpm (3.7.3.204)
-    nokogiri (1.6.0)
+    nokogiri (1.6.1)
       mini_portile (~> 0.5.0)
     ntlm-http (0.1.1)
-    pg (0.12.2)
+    pg (0.17.1)
     polyglot (0.3.4)
-    pry (0.9.12.2)
+    protected_attributes (1.0.7)
-      coderay (~> 1.0.5)
+      activemodel (>= 4.0.1, < 5.0)
+    pry (0.9.12.6)
+      coderay (~> 1.0)
       method_source (~> 0.8)
       slop (~> 3.4)
-    rack (1.4.5)
+    rack (1.5.2)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.3)
-      rack
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (3.2.17)
+    rails (4.1.0)
-      actionmailer (= 3.2.17)
+      actionmailer (= 4.1.0)
-      actionpack (= 3.2.17)
+      actionpack (= 4.1.0)
-      activerecord (= 3.2.17)
+      actionview (= 4.1.0)
-      activeresource (= 3.2.17)
+      activemodel (= 4.1.0)
-      activesupport (= 3.2.17)
+      activerecord (= 4.1.0)
-      bundler (~> 1.0)
+      activesupport (= 4.1.0)
-      railties (= 3.2.17)
+      bundler (>= 1.3.0, < 2.0)
-    railties (3.2.17)
+      railties (= 4.1.0)
-      actionpack (= 3.2.17)
+      sprockets-rails (~> 2.0)
-      activesupport (= 3.2.17)
+    railties (4.1.0)
-      rack-ssl (~> 1.3.2)
+      actionpack (= 4.1.0)
+      activesupport (= 4.1.0)
       rake (>= 0.8.7)
-      rdoc (~> 3.4)
+      thor (>= 0.18.1, < 2.0)
-      thor (>= 0.14.6, < 2.0)
+    raindrops (0.13.0)
-    raindrops (0.11.0)
+    rake (10.2.2)
-    rake (10.1.1)
-    rdoc (3.12.2)
-      json (~> 1.4)
     ref (1.0.5)
     rmagick (2.13.2)
-    ruby-prof (0.13.0)
+    ruby-prof (0.14.2)
-    safe_yaml (0.9.5)
+    safe_yaml (1.0.2)
-    sanitize (2.0.6)
+    sanitize (2.1.0)
       nokogiri (>= 1.4.4)
-    sass (3.2.10)
+    sass (3.2.19)
-    sass-rails (3.2.6)
+    sass-rails (4.0.3)
-      railties (~> 3.2.0)
+      railties (>= 4.0.0, < 5.0)
-      sass (>= 3.1.10)
+      sass (~> 3.2.0)
-      tilt (~> 1.3)
+      sprockets (~> 2.8, <= 2.11.0)
+      sprockets-rails (~> 2.0)
     shoulda (3.5.0)
       shoulda-context (~> 1.0, >= 1.0.1)
       shoulda-matchers (>= 1.4.1, < 3.0)
-    shoulda-context (1.1.4)
+    shoulda-context (1.2.1)
-    shoulda-matchers (2.2.0)
+    shoulda-matchers (2.6.0)
       activesupport (>= 3.0.0)
-    simple_form (2.1.0)
+    simple_form (3.0.2)
-      actionpack (~> 3.0)
+      actionpack (~> 4.0)
-      activemodel (~> 3.0)
+      activemodel (~> 4.0)
-    simplecov (0.7.1)
+    simplecov (0.8.2)
-      multi_json (~> 1.0)
+      docile (~> 1.1.0)
-      simplecov-html (~> 0.7.1)
+      multi_json
-    simplecov-html (0.7.1)
+      simplecov-html (~> 0.8.0)
-    slop (3.4.6)
+    simplecov-html (0.8.0)
-    sprockets (2.2.2)
+    slop (3.5.0)
+    sprockets (2.11.0)
       hike (~> 1.2)
       multi_json (~> 1.0)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
+    sprockets-rails (2.1.3)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      sprockets (~> 2.8)
     statistics2 (0.54)
-    term-ansicolor (1.2.2)
+    term-ansicolor (1.3.0)
-      tins (~> 0.8)
+      tins (~> 1.0)
-    therubyracer (0.11.4)
+    therubyracer (0.12.1)
-      libv8 (~> 3.11.8.12)
+      libv8 (~> 3.16.14.0)
       ref
-    thor (0.18.1)
+    thor (0.19.1)
+    thread_safe (0.3.3)
     tilt (1.4.1)
-    timecop (0.6.3)
+    timecop (0.7.1)
-    tins (0.8.3)
+    tins (1.1.0)
     treetop (1.4.15)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.38)
+    tzinfo (1.1.0)
-    uglifier (2.1.2)
+      thread_safe (~> 0.1)
+    uglifier (2.5.0)
       execjs (>= 0.3.0)
-      multi_json (~> 1.0, >= 1.0.2)
+      json (>= 1.8.0)
-    unf (0.1.1)
+    unf (0.1.4)
       unf_ext
     unf_ext (0.0.6)
-    unicorn (4.6.3)
+    unicorn (4.8.2)
       kgio (~> 2.6)
       rack
       raindrops (~> 0.7)
-    vcr (2.5.0)
+    vcr (2.9.0)
-    webmock (1.13.0)
+    webmock (1.17.4)
       addressable (>= 2.2.7)
       crack (>= 0.3.2)
     webrobots (0.1.1)
-    whenever (0.8.4)
+    whenever (0.9.2)
       activesupport (>= 2.3.4)
       chronic (>= 0.6.3)
-    xml-simple (1.1.2)
+    xml-simple (1.1.3)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   awesome_print
-  aws-s3
+  aws-s3!
   bcrypt-ruby
   capistrano-unicorn
   daemons
@@ -232,13 +242,14 @@ DEPENDENCIES
   newrelic_rpm
   nokogiri
   pg
+  protected_attributes
   pry
-  rails
+  rails (~> 4.1.0)
   rmagick
   ruby-imagespec!
   ruby-prof
   sanitize
-  sass-rails
+  sass-rails (~> 4.0.0)
   shoulda
   simple_form
   simplecov
@@ -246,7 +257,7 @@ DEPENDENCIES
   term-ansicolor
   therubyracer
   timecop
-  uglifier (>= 1.0.3)
+  uglifier
   unicorn
   vcr
   webmock

Rakefile

@@ -4,4 +4,4 @@
 require File.expand_path('../config/application', __FILE__)
 require 'rake'
 
-Danbooru::Application.load_tasks
+Rails.application.load_tasks

app/controllers/application_controller.rb

@@ -120,9 +120,9 @@ protected
 
   def secure_cookies_check
     if request.ssl?
-      Danbooru::Application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => true
+      Rails.application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => true
     else
-      Danbooru::Application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => false
+      Rails.application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => false
     end
   end
 end

app/logical/post_query_builder.rb

@@ -106,7 +106,7 @@ class PostQueryBuilder
       q = Tag.parse_query(query_string)
     end
 
-    relation = Post.scoped
+    relation = Post.where("true")
 
     if q[:tag_count].to_i > Danbooru.config.tag_query_limit
       raise ::Post::SearchError.new("You cannot search for more than #{Danbooru.config.tag_query_limit} tags at a time")

app/logical/post_sets/favorite.rb

@@ -1,5 +1,5 @@
 module PostSets
-  class Favorite < Base
+  class Favorite < PostSets::Base
     attr_reader :user, :page, :favorites, :params
 
     def initialize(user_id, page = 1, params = {})

app/logical/post_sets/note.rb

@@ -1,5 +1,5 @@
 module PostSets
-  class Note < Post
+  class Note < PostSets::Post
     attr_reader :params
     
     def initialize(params)

app/logical/post_sets/pool.rb

@@ -1,5 +1,5 @@
 module PostSets
-  class Pool < Base
+  class Pool < PostSets::Base
     module ActiveRecordExtension
       attr_accessor :total_pages, :current_page
     end

app/logical/post_sets/popular.rb

@@ -1,5 +1,5 @@
 module PostSets
-  class Popular < Base
+  class Popular < PostSets::Base
     attr_reader :date, :scale
 
     def initialize(date, scale)

app/logical/post_sets/post.rb

@@ -1,5 +1,5 @@
 module PostSets
-  class Post < Base
+  class Post < PostSets::Base
     attr_reader :tag_array, :page, :per_page, :raw
 
     def initialize(tags, page = 1, per_page = nil, raw = false)

app/models/advertisement.rb

@@ -3,6 +3,7 @@ class Advertisement < ActiveRecord::Base
   has_many :hits, :class_name => "AdvertisementHit"
   after_create :copy_to_servers
   after_destroy :delete_from_servers
+  attr_accessible :ad_type, :width, :height, :referral_url, :status, :file_name, :is_work_safe, :hit_count
 
   def copy_to_servers
     RemoteFileManager.new(image_path).distribute

app/models/advertisement_hit.rb

@@ -2,4 +2,5 @@ class AdvertisementHit < ActiveRecord::Base
   belongs_to :advertisement
 
   scope :between, lambda {|start_date, end_date| where("created_at BETWEEN ? AND ?", start_date, end_date)}
+  attr_accessible :ip_addr
 end

app/models/amazon_backup.rb

@@ -2,6 +2,8 @@ require 'base64'
 require 'digest/md5'
 
 class AmazonBackup < ActiveRecord::Base
+  attr_accessible :last_id
+  
   def self.last_id
     first.last_id
   end

app/models/artist.rb

@@ -8,7 +8,7 @@ class Artist < ActiveRecord::Base
   belongs_to :creator, :class_name => "User"
   has_many :members, :class_name => "Artist", :foreign_key => "group_name", :primary_key => "name"
   has_many :urls, :dependent => :destroy, :class_name => "ArtistUrl"
-  has_many :versions, :order => "artist_versions.id ASC", :class_name => "ArtistVersion"
+  has_many :versions, lambda {order("artist_versions.id ASC")}, :class_name => "ArtistVersion"
   has_one :wiki_page, :foreign_key => "title", :primary_key => "name"
   has_one :tag_alias, :foreign_key => "antecedent_name", :primary_key => "name"
   has_one :tag, :foreign_key => "name", :primary_key => "name"
@@ -33,7 +33,7 @@ class Artist < ActiveRecord::Base
           break if url =~ /pixiv\.net\/(?:img\/)?$/
         end
 
-        artists.uniq_by {|x| x.name}.slice(0, 20)
+        artists.inject({}) {|h, x| h[x.name] = x; h}.values.slice(0, 20)
       end
     end
 
@@ -322,7 +322,7 @@ class Artist < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       case params[:name]

app/models/artist_commentary.rb

@@ -2,7 +2,7 @@ class ArtistCommentary < ActiveRecord::Base
   attr_accessible :post_id, :original_description, :original_title, :translated_description, :translated_title
   validates_uniqueness_of :post_id
   belongs_to :post
-  has_many :versions, :class_name => "ArtistCommentaryVersion", :dependent => :destroy, :foreign_key => :post_id, :primary_key => :post_id, :order => "artist_commentary_versions.id ASC"
+  has_many :versions, lambda {order("artist_commentary_versions.id ASC")}, :class_name => "ArtistCommentaryVersion", :dependent => :destroy, :foreign_key => :post_id, :primary_key => :post_id
   after_save :create_version
 
   module SearchMethods
@@ -17,7 +17,7 @@ class ArtistCommentary < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       if params[:text_matches].present?

app/models/artist_commentary_version.rb

@@ -2,6 +2,7 @@ class ArtistCommentaryVersion < ActiveRecord::Base
   before_validation :initialize_updater
   belongs_to :updater, :class_name => "User"
   scope :for_user, lambda {|user_id| where("updater_id = ?", user_id)}
+  attr_accessible :post_id, :original_title, :original_description, :translated_title, :translated_description
 
   def self.search(params)
     q = scoped

app/models/artist_url.rb

@@ -2,6 +2,7 @@ class ArtistUrl < ActiveRecord::Base
   before_save :normalize
   validates_presence_of :url
   belongs_to :artist
+  attr_accessible :url, :artist_id, :normalized_url
 
   def self.normalize(url)
     if url.nil?

app/models/artist_version.rb

@@ -1,6 +1,7 @@
 class ArtistVersion < ActiveRecord::Base
   belongs_to :updater, :class_name => "User"
   belongs_to :artist
+  attr_accessible :artist_id, :name, :is_active, :other_names, :group_name, :url_string, :is_banned, :updater_id, :updater_ip_addr
 
   module SearchMethods
     def for_user(user_id)
@@ -12,7 +13,7 @@ class ArtistVersion < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:name].present?

app/models/ban.rb

@@ -15,7 +15,7 @@ class Ban < ActiveRecord::Base
   end
 
   def self.search(params)
-    q = scoped
+    q = where("true")
     return q if params.blank?
 
     if params[:banner_name]

app/models/comment.rb

@@ -45,7 +45,7 @@ class Comment < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:body_matches].present?
@@ -139,9 +139,9 @@ class Comment < ActiveRecord::Base
   end
 
   def update_last_commented_at_on_create
-    Post.update_all(["last_commented_at = ?", created_at], ["id = ?", post_id])
+    Post.where(:id => post_id).update_all(:last_commented_at => created_at)
     if Comment.where("post_id = ?", post_id).count <= Danbooru.config.comment_threshold && !do_not_bump_post?
-      Post.update_all(["last_comment_bumped_at = ?", created_at], ["id = ?", post_id])
+      Post.where(:id => post_id).update_all(:last_comment_bumped_at => created_at)
     end
     true
   end
@@ -149,16 +149,16 @@ class Comment < ActiveRecord::Base
   def update_last_commented_at_on_destroy
     other_comments = Comment.where("post_id = ? and id <> ?", post_id, id).order("id DESC")
     if other_comments.count == 0
-      Post.update_all("last_commented_at = NULL", ["id = ?", post_id])
+      Post.where(:id => post_id).update_all(:last_commented_at => nil)
     else
-      Post.update_all(["last_commented_at = ?", other_comments.first.created_at], ["id = ?", post_id])
+      Post.where(:id => post_id).update_all(:last_commented_at => other_comments.first.created_at)
     end
 
     other_comments = other_comments.where("do_not_bump_post = FALSE")
     if other_comments.count == 0
-      Post.update_all("last_comment_bumped_at = NULL", ["id = ?", post_id])
+      Post.where(:id => post_id).update_all(:last_comment_bumped_at => nil)
     else
-      Post.update_all(["last_comment_bumped_at = ?", other_comments.first.created_at], ["id = ?", post_id])
+      Post.where(:id => post_id).update_all(:last_comment_bumped_at => other_comments.first.created_at)
     end
 
     true

app/models/comment_vote.rb

@@ -9,13 +9,14 @@ class CommentVote < ActiveRecord::Base
   validate :validate_user_can_vote
   validate :validate_comment_can_be_down_voted
   validates_inclusion_of :score, :in => [-1, 1], :message => "must be 1 or -1"
+  attr_accessible :comment_id, :user_id, :score
 
   def self.prune!
     destroy_all("created_at < ?", 14.days.ago)
   end
 
   def self.search(params)
-    q = scoped
+    q = where("true")
     return q if params.blank?
 
     if params[:comment_id]

app/models/dmail.rb

@@ -124,7 +124,7 @@ class Dmail < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:message_matches].present?

app/models/favorite.rb

@@ -1,6 +1,7 @@
 class Favorite < ActiveRecord::Base
   belongs_to :post
   scope :for_user, lambda {|user_id| where("user_id % 100 = #{user_id.to_i % 100} and user_id = #{user_id.to_i}")}
+  attr_accessible :user_id, :post_id
 
   # this is necessary because there's no trigger for deleting favorites
   def self.destroy_all(hash)
@@ -14,11 +15,11 @@ class Favorite < ActiveRecord::Base
   def self.add(post, user)
     Favorite.transaction do
       return if Favorite.for_user(user.id).where(:user_id => user.id, :post_id => post.id).exists?
-      Favorite.create(:user_id => user.id, :post_id => post.id)
+      Favorite.create!(:user_id => user.id, :post_id => post.id)
-      Post.update_all("fav_count = fav_count + 1", {:id => post.id})
+      Post.where(:id => post.id).update_all("fav_count = fav_count + 1")
-      Post.update_all("score = score + 1", {:id => post.id}) if user.is_gold?
+      Post.where(:id => post.id).update_all("score = score + 1") if user.is_gold?
       post.append_user_to_fav_string(user.id)
-      User.update_all("favorite_count = favorite_count + 1", {:id => user.id})
+      User.where(:id => user.id).update_all("favorite_count = favorite_count + 1")
       user.favorite_count += 1
       # post.fav_count += 1 # this is handled in Post#clean_fav_string!
       post.score += 1 if user.is_gold?
@@ -29,10 +30,10 @@ class Favorite < ActiveRecord::Base
     Favorite.transaction do
       return unless Favorite.for_user(user.id).where(:user_id => user.id, :post_id => post.id).exists?
       Favorite.destroy_all(:user_id => user.id, :post_id => post.id)
-      Post.update_all("fav_count = fav_count - 1", {:id => post.id})
+      Post.where(:id => post.id).update_all("fav_count = fav_count - 1")
-      Post.update_all("score = score - 1", {:id => post.id}) if user.is_gold?
+      Post.where(:id => post.id).update_all("Score = score - 1") if user.is_gold?
       post.delete_user_from_fav_string(user.id)
-      User.update_all("favorite_count = favorite_count - 1", {:id => user.id})
+      User.where(:id => user.id).update_all("favorite_count = favorite_count - 1")
       user.favorite_count -= 1
       post.fav_count -= 1
       post.score -= 1 if user.is_gold?

app/models/forum_post.rb

@@ -46,7 +46,7 @@ class ForumPost < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:creator_id].present?
@@ -109,7 +109,7 @@ class ForumPost < ActiveRecord::Base
   def update_topic_updated_at_on_create
     if topic
       # need to do this to bypass the topic's original post from getting touched
-      ForumTopic.update_all(["updater_id = ?, response_count = response_count + 1, updated_at = ?", CurrentUser.id, Time.now], {:id => topic.id})
+      ForumTopic.where(:id => topic.id).update_all(["updater_id = ?, response_count = response_count + 1, updated_at = ?", CurrentUser.id, Time.now])
     end
   end
 
@@ -132,9 +132,9 @@ class ForumPost < ActiveRecord::Base
   def update_topic_updated_at_on_destroy
     max = ForumPost.where(:topic_id => topic.id, :is_deleted => false).order("updated_at desc").first
     if max
-      ForumTopic.update_all(["response_count = response_count - 1, updated_at = ?, updater_id = ?", max.updated_at, max.updater_id], {:id => topic.id})
+      ForumTopic.where(:id => topic.id).update_all(["response_count = response_count - 1, updated_at = ?, updater_id = ?", max.updated_at, max.updater_id])
     else
-      ForumTopic.update_all(["response_count = response_count - 1"], {:id => topic.id})
+      ForumTopic.where(:id => topic.id).update_all("response_count = response_count - 1")
     end
   end
 

app/models/forum_topic.rb

@@ -9,8 +9,8 @@ class ForumTopic < ActiveRecord::Base
   attr_accessible :is_sticky, :is_locked, :is_deleted, :as => [:janitor, :admin, :moderator]
   belongs_to :creator, :class_name => "User"
   belongs_to :updater, :class_name => "User"
-  has_many :posts, :class_name => "ForumPost", :order => "forum_posts.id asc", :foreign_key => "topic_id", :dependent => :destroy
+  has_many :posts, lambda {order("forum_posts.id asc")}, :class_name => "ForumPost", :foreign_key => "topic_id", :dependent => :destroy
-  has_one :original_post, :class_name => "ForumPost", :order => "forum_posts.id asc", :foreign_key => "topic_id"
+  has_one :original_post, lambda {order("forum_posts.id asc")}, :class_name => "ForumPost", :foreign_key => "topic_id"
   before_validation :initialize_creator, :on => :create
   before_validation :initialize_updater
   before_validation :initialize_is_deleted, :on => :create
@@ -55,7 +55,7 @@ class ForumTopic < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:title_matches].present?
@@ -133,7 +133,7 @@ class ForumTopic < ActiveRecord::Base
   end
 
   def update_last_forum_read_at(read_forum_topic_ids)
-    query = ForumTopic.scoped
+    query = ForumTopic.where("true")
     if CurrentUser.user.last_forum_read_at.present?
       query = query.where("updated_at >= ?", CurrentUser.last_forum_read_at)
     end
@@ -150,7 +150,7 @@ class ForumTopic < ActiveRecord::Base
   end
 
   def merge(topic)
-    ForumPost.update_all({:topic_id => id}, :id => topic.posts.map(&:id))
+    ForumPost.where(:id => topic.posts.map(&:id)).update_all(:topic_id => id)
     update_attribute(:is_deleted, true)
   end
 end

app/models/ip_ban.rb

@@ -5,13 +5,14 @@ class IpBan < ActiveRecord::Base
   validates_presence_of :reason, :creator, :ip_addr
   validates_format_of :ip_addr, :with => IP_ADDR_REGEX
   validates_uniqueness_of :ip_addr, :if => lambda {|rec| rec.ip_addr =~ IP_ADDR_REGEX}
+  attr_accessible :ip_addr, :reason
 
   def self.is_banned?(ip_addr)
     exists?(["ip_addr = ?", ip_addr])
   end
 
   def self.search(params)
-    q = scoped
+    q = where("true")
     return q if params.blank?
 
     if params[:ip_addr].present?
@@ -36,7 +37,7 @@ class IpBan < ActiveRecord::Base
   end
 
   def self.count_by_ip_addr(table, user_ids, user_id_field = "user_id", ip_addr_field = "ip_addr")
-    select_all_sql("SELECT #{ip_addr_field}, count(*) FROM #{table} WHERE #{user_id_field} IN (?) GROUP BY #{ip_addr_field} ORDER BY count(*) DESC", user_ids)
+    select_all_sql("SELECT #{ip_addr_field}, count(*) FROM #{table} WHERE #{user_id_field} IN (?) GROUP BY #{ip_addr_field} ORDER BY count(*) DESC", user_ids).to_hash
   end
 
   def initialize_creator

app/models/janitor_trial.rb

@@ -5,9 +5,10 @@ class JanitorTrial < ActiveRecord::Base
   after_create :promote_user
   validates_presence_of :user
   before_validation :initialize_creator
+  attr_accessible :user_id
 
   def self.search(params)
-    q = scoped
+    q = where("true")
     return q if params.blank?
 
     if params[:user_name]

app/models/key_value.rb

@@ -1,3 +1,4 @@
 class KeyValue < ActiveRecord::Base
   validates_uniqueness_of :key
+  attr_accessible :key, :value
 end

app/models/mod_action.rb

@@ -1,6 +1,7 @@
 class ModAction < ActiveRecord::Base
   belongs_to :creator, :class_name => "User"
   before_validation :initialize_creator, :on => :create
+  attr_accessible :description
 
   def self.search(params = {})
     q = scoped

app/models/news_update.rb

@@ -4,6 +4,7 @@ class NewsUpdate < ActiveRecord::Base
   scope :recent, lambda {where("created_at >= ?", 2.weeks.ago).order("created_at desc").limit(5)}
   before_validation :initialize_creator, :on => :create
   before_validation :initialize_updater
+  attr_accessible :message
 
   def initialize_creator
     self.creator_id = CurrentUser.id

app/models/note.rb

@@ -3,17 +3,17 @@ class Note < ActiveRecord::Base
   belongs_to :post
   belongs_to :creator, :class_name => "User"
   belongs_to :updater, :class_name => "User"
+  has_many :versions, lambda {order("note_versions.id ASC")}, :class_name => "NoteVersion", :dependent => :destroy
   before_validation :initialize_creator, :on => :create
   before_validation :initialize_updater
   before_validation :blank_body
   validates_presence_of :post_id, :creator_id, :updater_id, :x, :y, :width, :height
   validate :post_must_exist
   validate :note_within_image, :message => "must be inside the image"
-  has_many :versions, :class_name => "NoteVersion", :dependent => :destroy, :order => "note_versions.id ASC"
   after_save :update_post
   after_save :create_version
   validate :post_must_not_be_note_locked
-  attr_accessible :x, :y, :width, :height, :body, :updater_id, :updater_ip_addr, :is_active, :post_id, :html_id
+  attr_accessible :x, :y, :width, :height, :body, :updater_id, :updater_ip_addr, :is_active, :post_id, :post, :html_id
 
   module SearchMethods
     def active
@@ -41,7 +41,7 @@ class Note < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:body_matches].present?
@@ -144,7 +144,7 @@ class Note < ActiveRecord::Base
   end
 
   def update_post
-    if Note.exists?(["is_active = ? AND post_id = ?", true, post_id])
+    if Note.where(:is_active => true, :post_id => post_id).exists?
       execute_sql("UPDATE posts SET last_noted_at = ? WHERE id = ?", updated_at, post_id)
     else
       execute_sql("UPDATE posts SET last_noted_at = NULL WHERE id = ?", post_id)
@@ -153,7 +153,8 @@ class Note < ActiveRecord::Base
 
   def create_version
     CurrentUser.user.increment!(:note_update_count)
-    update_column(:version, version.to_i + 1)
+    Note.where(:id => id).update_all("version = coalesce(version, 0) + 1")
+    reload
 
     if merge_version?
       merge_version
@@ -227,14 +228,15 @@ class Note < ActiveRecord::Base
     new_note.save
   end
 
-  def self.undo_changes_by_user(user_id)
+  def self.undo_changes_by_user(vandal_id)
     transaction do
-      notes = Note.joins(:versions).where(["note_versions.updater_id = ?", user_id]).select("DISTINCT notes.*").all
+      note_ids = NoteVersion.where(:updater_id => vandal_id).select("note_id").distinct.map(&:note_id)
-      NoteVersion.destroy_all(["updater_id = ?", user_id])
+      NoteVersion.where(["updater_id = ?", vandal_id]).delete_all
-      notes.each do |note|
+      note_ids.each do |note_id|
-        first = note.versions.first
+        note = Note.find(note_id)
-        if first
+        most_recent = note.versions.last
-          note.revert_to!(first)
+        if most_recent
+          note.revert_to!(most_recent)
         end
       end
     end

app/models/note_version.rb

@@ -2,9 +2,10 @@ class NoteVersion < ActiveRecord::Base
   before_validation :initialize_updater
   belongs_to :updater, :class_name => "User"
   scope :for_user, lambda {|user_id| where("updater_id = ?", user_id)}
+  attr_accessible :note_id, :x, :y, :width, :height, :body, :updater_id, :updater_ip_addr, :is_active, :post_id, :html_id, :version
 
   def self.search(params)
-    q = scoped
+    q = where("true")
     params = {} if params.blank?
 
     if params[:updater_id]

app/models/pool.rb

@@ -6,7 +6,7 @@ class Pool < ActiveRecord::Base
   validates_inclusion_of :category, :in => %w(series collection)
   belongs_to :creator, :class_name => "User"
   belongs_to :updater, :class_name => "User"
-  has_many :versions, :class_name => "PoolVersion", :dependent => :destroy, :order => "pool_versions.id ASC"
+  has_many :versions, lambda {order("pool_versions.id ASC")}, :class_name => "PoolVersion", :dependent => :destroy
   before_validation :normalize_post_ids
   before_validation :normalize_name
   before_validation :initialize_is_active, :on => :create
@@ -46,7 +46,7 @@ class Pool < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       if params[:name_matches].present?
@@ -105,7 +105,7 @@ class Pool < ActiveRecord::Base
     if name =~ /^\d+$/
       name.to_i
     else
-      select_value_sql("SELECT id FROM pools WHERE lower(name) = ?", name.mb_chars.downcase.tr(" ", "_")).to_i
+      select_value_sql("SELECT id FROM pools WHERE lower(name) = ?", name.downcase.tr(" ", "_")).to_i
     end
   end
 
@@ -314,10 +314,12 @@ class Pool < ActiveRecord::Base
     if post_ids_changed? || name_changed? || description_changed? || is_active_changed? || is_deleted_changed? || category_changed? || force
       last_version = versions.last
 
-      if last_version && CurrentUser.ip_addr == last_version.updater_ip_addr && CurrentUser.id == last_version.updater_id && last_version.created_at > 1.hour.ago
+      if last_version && last_version.updater_ip_addr == CurrentUser.ip_addr && CurrentUser.user.id == last_version.updater_id && last_version.created_at > 1.hour.ago
+        # merge
         last_version.update_column(:post_ids, post_ids)
         last_version.update_column(:name, name)
       else
+        # create
         versions.create(:post_ids => post_ids, :name => name)
       end
     end

app/models/pool_version.rb

@@ -5,6 +5,7 @@ class PoolVersion < ActiveRecord::Base
   belongs_to :pool
   belongs_to :updater, :class_name => "User"
   before_validation :initialize_updater
+  attr_accessible :pool_id, :is_deleted, :name, :description, :post_ids, :post_id_array, :post_count, :is_active, :category, :updater_id, :updater_ip_addr
 
   module SearchMethods
     def for_user(user_id)
@@ -12,7 +13,7 @@ class PoolVersion < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:updater_id].present?

app/models/post.rb

@@ -28,11 +28,11 @@ class Post < ActiveRecord::Base
   has_one :artist_commentary, :dependent => :destroy
   has_many :flags, :class_name => "PostFlag", :dependent => :destroy
   has_many :appeals, :class_name => "PostAppeal", :dependent => :destroy
-  has_many :versions, :class_name => "PostVersion", :dependent => :destroy, :order => "post_versions.updated_at ASC, post_versions.id ASC"
+  has_many :versions, lambda {order("post_versions.updated_at ASC, post_versions.id ASC")}, :class_name => "PostVersion", :dependent => :destroy
   has_many :votes, :class_name => "PostVote", :dependent => :destroy
   has_many :notes, :dependent => :destroy
-  has_many :comments, :order => "comments.id", :dependent => :destroy
+  has_many :comments, lambda {order("comments.id")}, :dependent => :destroy
-  has_many :children, :class_name => "Post", :foreign_key => "parent_id", :order => "posts.id"
+  has_many :children, lambda {order("posts.id")}, :class_name => "Post", :foreign_key => "parent_id"
   has_many :disapprovals, :class_name => "PostDisapproval", :dependent => :destroy
   has_many :favorites, :dependent => :destroy
   validates_uniqueness_of :md5
@@ -315,22 +315,22 @@ class Post < ActiveRecord::Base
     end
 
     def increment_tag_post_counts
-      Tag.update_all("post_count = post_count + 1", {:name => tag_array}) if tag_array.any?
+      Tag.where(:name => tag_array).update_all("post_count = post_count + 1") if tag_array.any?
     end
 
     def decrement_tag_post_counts
-      Tag.update_all("post_count = post_count - 1", {:name => tag_array}) if tag_array.any?
+      Tag.where(:name => tag_array).update_all("post_count = post_count - 1") if tag_array.any?
     end
 
     def update_tag_post_counts
       decrement_tags = tag_array_was - tag_array
       increment_tags = tag_array - tag_array_was
       if increment_tags.any?
-        Tag.update_all("post_count = post_count + 1", {:name => increment_tags})
+        Tag.where(:name => increment_tags).update_all("post_count = post_count + 1")
         Post.expire_cache_for_all(increment_tags)
       end
       if decrement_tags.any?
-        Tag.update_all("post_count = post_count - 1", {:name => decrement_tags})
+        Tag.where(:name => decrement_tags).update_all("post_count = post_count - 1")
         Post.expire_cache_for_all(decrement_tags)
       end
       Post.expire_cache_for_all([""]) if new_record? || id <= 100_000
@@ -417,7 +417,7 @@ class Post < ActiveRecord::Base
 
     def remove_negated_tags(tags)
       negated_tags, tags = tags.partition {|x| x =~ /\A-/i}
-      negated_tags.map!{|x| x[1..-1]}
+      negated_tags = negated_tags.map {|x| x[1..-1]}
       return tags - negated_tags
     end
 
@@ -708,10 +708,10 @@ class Post < ActiveRecord::Base
     def vote!(score)
       if can_be_voted_by?(CurrentUser.user)
         if score == "up"
-          Post.update_all("score = score + 1, up_score = up_score + 1", {:id => id})
+          Post.where(:id => id).update_all("score = score + 1, up_score = up_score + 1")
           self.score += 1
         elsif score == "down"
-          Post.update_all("score = score - 1, down_score = down_score - 1", {:id => id})
+          Post.where(:id => id).update_all("score = score - 1, down_score = down_score - 1")
           self.score -= 1
         end
 
@@ -728,10 +728,10 @@ class Post < ActiveRecord::Base
         vote = votes.where("user_id = ?", CurrentUser.user.id).first
 
         if vote.score == 1
-          Post.update_all("score = score - 1, up_score = up_score - 1", {:id => id})
+          Post.where(:id => id).update_all("score = score - 1, up_score = up_score - 1")
           self.score -= 1
         else
-          Post.update_all("score = score + 1, down_score = down_score + 1", {:id => id})
+          Post.where(:id => id).update_all("score = score + 1, down_score = down_score + 1")
           self.score += 1
         end
 
@@ -890,7 +890,7 @@ class Post < ActiveRecord::Base
         eldest = cached_children[0]
         siblings = cached_children[1..-1]
         eldest.update_column(:parent_id, nil)
-        Post.update_all({:parent_id => eldest.id}, :id => siblings.map(&:id))
+        Post.where(:id => siblings.map(&:id)).update_all(:parent_id => eldest.id)
       end
     end
 
@@ -1008,7 +1008,7 @@ class Post < ActiveRecord::Base
     end
 
     def create_new_version
-      CurrentUser.increment!(:post_update_count)
+      CurrentUser.user.increment!(:post_update_count)
       versions.create(
         :rating => rating,
         :source => source,
@@ -1019,6 +1019,7 @@ class Post < ActiveRecord::Base
 
     def merge_version
       prev = versions.last
+      if prev
         prev.update_attributes(
           :rating => rating,
           :source => source,
@@ -1026,6 +1027,7 @@ class Post < ActiveRecord::Base
           :parent_id => parent_id
         )
       end
+    end
 
     def revert_to(target)
       self.tag_string = target.tags
@@ -1236,7 +1238,7 @@ class Post < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:before_id].present?

app/models/post_appeal.rb

@@ -8,6 +8,7 @@ class PostAppeal < ActiveRecord::Base
   validate :validate_creator_is_not_limited
   before_validation :initialize_creator, :on => :create
   validates_uniqueness_of :creator_id, :scope => :post_id, :message => "have already appealed this post"
+  attr_accessible :post_id, :post, :reason
 
   module SearchMethods
     def resolved
@@ -31,7 +32,7 @@ class PostAppeal < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:creator_id].present?

app/models/post_disapproval.rb

@@ -2,6 +2,7 @@ class PostDisapproval < ActiveRecord::Base
   belongs_to :post
   belongs_to :user
   validates_uniqueness_of :post_id, :scope => [:user_id], :message => "have already hidden this post"
+  attr_accessible :post_id, :post, :user_id, :user
 
   def self.prune!
     joins(:post).where("posts.is_pending = FALSE AND posts.is_flagged = FALSE").each do |post_disapproval|

app/models/post_flag.rb

@@ -9,6 +9,7 @@ class PostFlag < ActiveRecord::Base
   before_validation :initialize_creator, :on => :create
   validates_uniqueness_of :creator_id, :scope => :post_id, :message => "have already flagged this post"
   before_save :update_post
+  attr_accessible :post, :post_id, :reason, :is_resolved
 
   module SearchMethods
     def resolved
@@ -32,7 +33,7 @@ class PostFlag < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:creator_id].present? && (CurrentUser.user.is_janitor? || params[:creator_id].to_i == CurrentUser.user.id)

app/models/post_version.rb

@@ -2,6 +2,7 @@ class PostVersion < ActiveRecord::Base
   belongs_to :post
   belongs_to :updater, :class_name => "User"
   before_validation :initialize_updater
+  attr_accessible :post_id, :is_status_locked, :is_rating_locked, :is_note_locked, :source, :rating, :tag_string, :old_tag_string, :old_parent_id, :old_source, :old_rating, :last_noted_at, :parent_id, :tags
 
   module SearchMethods
     def for_user(user_id)
@@ -13,7 +14,7 @@ class PostVersion < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       if params[:updater_name].present?

app/models/post_vote.rb

@@ -5,6 +5,7 @@ class PostVote < ActiveRecord::Base
   before_validation :initialize_user, :on => :create
   validates_presence_of :post_id, :user_id, :score
   validates_inclusion_of :score, :in => [1, -1]
+  attr_accessible :post_id, :user_id, :score
 
   def score=(x)
     if x == "up"

app/models/tag.rb

@@ -113,7 +113,7 @@ class Tag < ActiveRecord::Base
         Post.raw_tag_match(name).find_each do |post|
           post.reload
           post.set_tag_counts
-          Post.update_all({:tag_count => post.tag_count, :tag_count_general => post.tag_count_general, :tag_count_artist => post.tag_count_artist, :tag_count_copyright => post.tag_count_copyright, :tag_count_character => post.tag_count_character}, {:id => post.id})
+          Post.where(:id => post.id).update_all(:tag_count => post.tag_count, :tag_count_general => post.tag_count_general, :tag_count_artist => post.tag_count_artist, :tag_count_copyright => post.tag_count_copyright, :tag_count_character => post.tag_count_character)
         end
       end
     end
@@ -349,7 +349,7 @@ class Tag < ActiveRecord::Base
         output[:include] << tag[1..-1].mb_chars.downcase
 
       elsif tag =~ /\*/
-        matches = Tag.name_matches(tag.downcase).all(:select => "name", :limit => Danbooru.config.tag_query_limit, :order => "post_count DESC").map(&:name)
+        matches = Tag.name_matches(tag.downcase).select("name").limit(Danbooru.config.tag_query_limit).order("post_count DESC").map(&:name)
         matches = ["~no_matches~"] if matches.empty?
         output[:include] += matches
 
@@ -421,8 +421,8 @@ class Tag < ActiveRecord::Base
             elsif $2.downcase == "any"
               q[:pool] = "any"
             elsif $2.include?("*")
-              pools = Pool.name_matches($2).all(:select => "id", :limit => Danbooru.config.tag_query_limit, :order => "post_count DESC")
+              pools = Pool.name_matches($2).select("id").limit(Danbooru.config.tag_query_limit).order("post_count DESC")
-              q[:tags][:include] += pools.map!{|pool| "pool:#{pool.id}"}
+              q[:tags][:include] += pools.map {|pool| "pool:#{pool.id}"}
             else
               q[:tags][:related] << "pool:#{Pool.name_to_id($2)}"
             end
@@ -621,7 +621,7 @@ class Tag < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       if params[:name_matches].present?

app/models/tag_alias.rb

@@ -9,6 +9,7 @@ class TagAlias < ActiveRecord::Base
   validate :absence_of_transitive_relation
   belongs_to :creator, :class_name => "User"
   belongs_to :forum_topic
+  attr_accessible :antecedent_name, :consequent_name, :forum_topic_id, :status
 
   module SearchMethods
     def name_matches(name)
@@ -20,7 +21,7 @@ class TagAlias < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:name_matches].present?

app/models/tag_implication.rb

@@ -10,6 +10,7 @@ class TagImplication < ActiveRecord::Base
   validate :absence_of_circular_relation
   validate :antecedent_is_not_aliased
   validate :consequent_is_not_aliased
+  attr_accessible :antecedent_name, :consequent_name, :descendant_names, :forum_topic_id, :status, :forum_topic
 
   module DescendantMethods
     extend ActiveSupport::Concern
@@ -78,7 +79,7 @@ class TagImplication < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:id].present?

app/models/tag_subscription.rb

@@ -39,7 +39,7 @@ class TagSubscription < ActiveRecord::Base
   end
 
   def tag_query_array
-    tag_query.scan(/[^\r\n]+/).map!(&:strip)
+    tag_query.scan(/[^\r\n]+/).map(&:strip)
   end
 
   def limit_tag_count
@@ -80,7 +80,7 @@ class TagSubscription < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       if params[:creator_id]

app/models/upload.rb

@@ -13,6 +13,7 @@ class Upload < ActiveRecord::Base
   after_destroy :delete_temp_file
   validate :uploader_is_not_limited, :on => :create
   validate :file_or_source_is_present, :on => :create
+  attr_accessible :file, :image_width, :image_height, :file_ext, :md5, :file_size, :as_pending, :source, :file_path, :content_type, :rating, :tag_string, :status, :backtrace, :post_id, :md5_confirmation
 
   module ValidationMethods
     def uploader_is_not_limited
@@ -316,7 +317,7 @@ class Upload < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:uploader_id].present?

app/models/user.rb

@@ -40,11 +40,11 @@ class User < ActiveRecord::Base
   before_create :promote_to_admin_if_first_user
   has_many :feedback, :class_name => "UserFeedback", :dependent => :destroy
   has_many :posts, :foreign_key => "uploader_id"
-  has_many :bans, :order => "bans.id desc"
+  has_many :bans, lambda {order("bans.id desc")}
-  has_one :recent_ban, :class_name => "Ban", :order => "bans.id desc"
+  has_one :recent_ban, lambda {order("bans.id desc")}, :class_name => "Ban"
-  has_many :subscriptions, :class_name => "TagSubscription", :foreign_key => "creator_id", :order => "name"
+  has_many :subscriptions, lambda {order("tag_subscriptions.name")}, :class_name => "TagSubscription", :foreign_key => "creator_id"
   has_many :note_versions, :foreign_key => "updater_id"
-  has_many :dmails, :foreign_key => "owner_id", :order => "dmails.id desc"
+  has_many :dmails, lambda {order("dmails.id desc")}, :foreign_key => "owner_id"
   belongs_to :inviter, :class_name => "User"
   after_update :create_mod_action
 
@@ -207,7 +207,7 @@ class User < ActiveRecord::Base
     end
 
     def clean_favorite_count?
-      favorite_count < 0 || rand(100) < [Math.log(favorite_count, 2), 5].min
+      favorite_count < 0 || Kernel.rand(100) < [Math.log(favorite_count, 2), 5].min
     end
 
     def clean_favorite_count!
@@ -628,7 +628,7 @@ class User < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:name].present?

app/models/user_feedback.rb

@@ -29,7 +29,7 @@ class UserFeedback < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:user_id].present?

app/models/user_name_change_request.rb

@@ -9,6 +9,7 @@ class UserNameChangeRequest < ActiveRecord::Base
   validates_format_of :desired_name, :with => /\A[^\s:]+\Z/, :on => :create, :message => "cannot have whitespace or colons"
   before_validation :normalize_name
   after_create :notify_admins
+  attr_accessible :status, :user_id, :original_name, :desired_name, :change_reason, :rejection_reason
   
   def self.pending
     where(:status => "pending")

app/models/user_password_reset_nonce.rb

@@ -3,6 +3,7 @@ class UserPasswordResetNonce < ActiveRecord::Base
   validate :validate_existence_of_email
   before_validation :initialize_key, :on => :create
   after_create :deliver_notice
+  attr_accessible :key, :nonce, :email
 
   def self.prune!
     destroy_all(["created_at < ?", 1.week.ago])

app/models/wiki_page.rb

@@ -12,8 +12,8 @@ class WikiPage < ActiveRecord::Base
   validate :validate_not_locked
   attr_accessible :title, :body, :is_locked
   has_one :tag, :foreign_key => "name", :primary_key => "title"
-  has_one :artist, :foreign_key => "name", :primary_key => "title", :conditions => {:is_active => true}
+  has_one :artist, lambda {where(:is_active => true)}, :foreign_key => "name", :primary_key => "title"
-  has_many :versions, :class_name => "WikiPageVersion", :dependent => :destroy, :order => "wiki_page_versions.id ASC"
+  has_many :versions, lambda {order("wiki_page_versions.id ASC")}, :class_name => "WikiPageVersion", :dependent => :destroy
 
   module SearchMethods
     def titled(title)
@@ -33,7 +33,7 @@ class WikiPage < ActiveRecord::Base
     end
 
     def search(params = {})
-      q = scoped
+      q = where("true")
       params = {} if params.blank?
 
       if params[:title].present?

app/models/wiki_page_version.rb

@@ -1,6 +1,7 @@
 class WikiPageVersion < ActiveRecord::Base
   belongs_to :wiki_page
   belongs_to :updater, :class_name => "User"
+  attr_accessible :wiki_page_id, :title, :body, :is_locked, :updater_id, :updater_ip_addr, :version
 
   module SearchMethods
     def for_user(user_id)
@@ -8,7 +9,7 @@ class WikiPageVersion < ActiveRecord::Base
     end
 
     def search(params)
-      q = scoped
+      q = where("true")
       return q if params.blank?
 
       if params[:updater_id].present?

app/views/artist_commentary_versions/index.html.erb

@@ -39,7 +39,7 @@
             <td><%= compact_time commentary_version.updated_at %></td>
             <% if CurrentUser.is_member? %>
               <td>
-                <%= link_to "Revert to", revert_artist_commentary_path(commentary_version.post_id, :version_id => commentary_version.id), :remote => true, :method => :put, :confirm => "Are you sure you want to revert to this version?" %>
+                <%= link_to "Revert to", revert_artist_commentary_path(commentary_version.post_id, :version_id => commentary_version.id), :remote => true, :method => :put, :data => {:confirm => "Are you sure you want to revert to this version?"} %>
               </td>
             <% end %>
           </tr>

app/views/artist_versions/index.html.erb

@@ -44,7 +44,7 @@
               </td>
               <% if CurrentUser.is_member? %>
                 <td>
-                  <%= link_to "Revert to", revert_artist_path(artist_version.artist_id, :version_id => artist_version.id), :method => :put, :confirm => "Are you sure you want to revert to this version?" %>
+                  <%= link_to "Revert to", revert_artist_path(artist_version.artist_id, :version_id => artist_version.id), :method => :put, :data => {:confirm => "Are you sure you want to revert to this version?"} %>
                 </td>
               <% end %>
             </tr>

app/views/artists/_secondary_links.html.erb

@@ -15,17 +15,17 @@
       <li><%= link_to "History", artist_versions_path(:search => {:artist_id => @artist.id}) %></li>
       <% if @artist.deletable_by?(CurrentUser.user) %>
         <% if @artist.is_active? %>
-          <li><%= link_to "Delete", artist_path(@artist), :method => :delete, :confirm => "Are you sure you want to delete this artist?" %></li>
+          <li><%= link_to "Delete", artist_path(@artist), :method => :delete, :data => {:confirm => "Are you sure you want to delete this artist?"} %></li>
         <% else %>
-          <li><%= link_to "Undelete", undelete_artist_path(@artist), :method => :post, :confirm => "Are you sure you want to undelete this artist?" %></li>
+          <li><%= link_to "Undelete", undelete_artist_path(@artist), :method => :post, :data => {:confirm => "Are you sure you want to undelete this artist?"} %></li>
         <% end %>
       <% end %>
       <% if CurrentUser.is_admin? %>
         <% if @artist.is_banned? %>
-          <li><%= link_to "Unban", unban_artist_path(@artist), :method => :put, :confirm => "Are you sure you want to unban this artist?" %></li>
+          <li><%= link_to "Unban", unban_artist_path(@artist), :method => :put, :data => {:confirm => "Are you sure you want to unban this artist?"} %></li>
 
         <% else %>
-          <li><%= link_to "Ban", ban_artist_path(@artist), :method => :put, :confirm => "Are you sure you want to ban this artist?" %></li>
+          <li><%= link_to "Ban", ban_artist_path(@artist), :method => :put, :data => {:confirm => "Are you sure you want to ban this artist?"} %></li>
         <% end %>
       <% end %>
     <% end %>

app/views/comments/partials/show/_comment.html.erb

@@ -19,7 +19,7 @@
         <% if @post || @posts %>
           <li><%= link_to "Reply", new_comment_path(:post_id => comment.post_id), :class => "reply-link", "data-comment-id" => comment.id %></li>
           <% if comment.editable_by?(CurrentUser.user) %>
-            <li><%= link_to "Delete", comment_path(comment.id), :confirm => "Are you sure you want to delete this comment?", :method => :delete, :remote => true %></li>
+            <li><%= link_to "Delete", comment_path(comment.id), :data => {:confirm => "Are you sure you want to delete this comment?"}, :method => :delete, :remote => true %></li>
             <li><%= link_to "Edit", edit_comment_path(comment.id), :id => "edit_comment_link_#{comment.id}", :class => "edit_comment_link" %></li>
           <% end %>
           <li id="comment-vote-up-link-for-<%= comment.id %>"><%= link_to "Vote up", comment_votes_path(:comment_id => comment.id, :score => "up"), :method => :post, :remote => true %></li>

app/views/dmails/index.html.erb

@@ -26,7 +26,7 @@
             <td><%= link_to_user dmail.to %></td>
             <td><%= link_to dmail.title, dmail_path(dmail) %></td>
             <td>
-              <%= link_to "delete", dmail_path(dmail), :method => :delete, :confirm => "Are you sure you want to delete this Dmail?" %>
+              <%= link_to "delete", dmail_path(dmail), :method => :delete, :data => {:confirm => "Are you sure you want to delete this Dmail?"} %>
             </td>
           </tr>
         <% end %>

app/views/forum_posts/_forum_post.html.erb

@@ -27,7 +27,7 @@
           <% if forum_post.is_deleted %>
             <li><%= link_to "Undelete", undelete_forum_post_path(forum_post.id), :method => :post, :remote => true %></li>
           <% else %>
-            <li><%= link_to "Delete", forum_post_path(forum_post.id), :confirm => "Are you sure you want to delete this forum post?", :method => :delete, :remote => true %></li>
+            <li><%= link_to "Delete", forum_post_path(forum_post.id), :data => {:confirm => "Are you sure you want to delete this forum post?"}, :method => :delete, :remote => true %></li>
           <% end %>
         <% end %>
         <% if forum_post.editable_by?(CurrentUser.user) %>

app/views/forum_topics/_secondary_links.html.erb

@@ -19,17 +19,17 @@
           <% if @forum_topic.is_deleted? %>
             <li><%= link_to "Undelete", undelete_forum_topic_path(@forum_topic), :method => :post %></li>
           <% else %>
-            <li><%= link_to "Delete", forum_topic_path(@forum_topic), :method => :delete, :confirm => "Are you sure you want to delete this forum topic?" %></li>
+            <li><%= link_to "Delete", forum_topic_path(@forum_topic), :method => :delete, :data => {:confirm => "Are you sure you want to delete this forum topic?"} %></li>
           <% end %>
           <% if @forum_topic.is_locked? %>
             <li><%= link_to "Unlock", forum_topic_path(@forum_topic, :forum_topic => {:is_locked => false}), :method => :put %></li>
           <% else %>
-            <li><%= link_to "Lock", forum_topic_path(@forum_topic, :forum_topic => {:is_locked => true}), :method => :put, :confirm => "Are you sure you want to lock this forum topic?" %></li>
+            <li><%= link_to "Lock", forum_topic_path(@forum_topic, :forum_topic => {:is_locked => true}), :method => :put, :data => {:confirm => "Are you sure you want to lock this forum topic?"} %></li>
           <% end %>
           <% if @forum_topic.is_sticky? %>
             <li><%= link_to "Unsticky", forum_topic_path(@forum_topic, :forum_topic => {:is_sticky => false}), :method => :put %></li>
           <% else %>
-            <li><%= link_to "Sticky", forum_topic_path(@forum_topic, :forum_topic => {:is_sticky => true}), :method => :put, :confirm => "Are you sure you want to sticky this forum topic?" %></li>
+            <li><%= link_to "Sticky", forum_topic_path(@forum_topic, :forum_topic => {:is_sticky => true}), :method => :put, :data => {:confirm => "Are you sure you want to sticky this forum topic?"} %></li>
           <% end %>
           <li><%= link_to "Merge", new_merge_forum_topic_path(@forum_topic) %></li>
         <% end %>

app/views/ip_bans/index.html.erb

@@ -17,7 +17,7 @@
             <td><%= ip_ban.ip_addr %></td>
             <td><%= ip_ban.creator.name %></td>
             <td><%= ip_ban.reason %></td>
-            <td><%= link_to "Unban", ip_ban_path(ip_ban), :remote => true, :method => :delete, :confirm => "Do your really want to unban #{ip_ban.creator.name}?" %></td>
+            <td><%= link_to "Unban", ip_ban_path(ip_ban), :remote => true, :method => :delete, :data => {:confirm => "Do your really want to unban #{ip_ban.creator.name}?"} %></td>
           </tr>
         <% end %>
       </tbody>

app/views/ip_bans/new.html.erb

@@ -5,7 +5,7 @@
     <%= error_messages_for "ip_ban" %>
 
     <%= simple_form_for(@ip_ban) do |f| %>
-      <%= f.input :ip_addr, :label => "IP Address" %>
+      <%= f.input :ip_addr, :label => "IP Address", :as => :string %>
       <%= f.input :reason, :input_html => {:size => "50x5"} %>
       <%= f.button :submit, "Submit" %>
     <% end %>

app/views/meta_searches/tags.html.erb

@@ -67,7 +67,7 @@
                 <td>
                   <%= link_to "Show", tag_alias_path(tag_alias) %>
                   <% if tag_alias.deletable_by?(CurrentUser.user) %>
-                    | <%= link_to "Delete", tag_alias_path(tag_alias), :remote => true, :method => :delete, :confirm => "Are you sure you want to delete this alias?" %>
+                    | <%= link_to "Delete", tag_alias_path(tag_alias), :remote => true, :method => :delete, :data => {:confirm => "Are you sure you want to delete this alias?"} %>
                   <% end %>
 
                   <% if CurrentUser.is_admin? && tag_alias.is_pending? %>
@@ -107,7 +107,7 @@
                 <td>
                   <%= link_to "Show", tag_implication_path(tag_implication) %>
                   <% if tag_implication.deletable_by?(CurrentUser.user) %>
-                    | <%= link_to "Delete", tag_implication_path(tag_implication), :remote => true, :method => :delete, :confirm => "Are you sure you want to delete this implication?" %>
+                    | <%= link_to "Delete", tag_implication_path(tag_implication), :remote => true, :method => :delete, :data => {:confirm => "Are you sure you want to delete this implication?"} %>
                   <% end %>
                   <% if CurrentUser.user.is_admin? && tag_implication.is_pending? %>
                     | <%= link_to "Approve", approve_tag_implication_path(tag_implication), :remote => true, :method => :post %>

app/views/note_versions/index.html.erb

@@ -40,7 +40,7 @@
             <td><%= compact_time note_version.updated_at %></td>
             <% if CurrentUser.is_member? %>
               <td>
-                <%= link_to "Revert to", revert_note_path(note_version.note_id, :version_id => note_version.id), :remote => true, :method => :put, :confirm => "Are you sure you want to revert to this version?" %>
+                <%= link_to "Revert to", revert_note_path(note_version.note_id, :version_id => note_version.id), :remote => true, :method => :put, :data => {:confirm => "Are you sure you want to revert to this version?"} %>
               </td>
             <% end %>
           </tr>

app/views/pools/_secondary_links.html.erb

@@ -13,7 +13,7 @@
         <% if @pool.is_deleted? %>
           <li><%= link_to "Undelete", undelete_pool_path(@pool), :method => :post, :remote => true %></li>
         <% else %>
-          <li><%= link_to "Delete", pool_path(@pool), :method => :delete, :confirm => "Are you sure you want to delete this pool?", :remote => true %></li>
+          <li><%= link_to "Delete", pool_path(@pool), :method => :delete, :data => {:confirm => "Are you sure you want to delete this pool?"}, :remote => true %></li>
         <% end %>
       <% end %>
       <li><%= link_to "History", pool_versions_path(:search => {:pool_id => @pool.id}) %></li>

app/views/posts/partials/show/_options.html.erb

@@ -47,7 +47,7 @@
       <% end %>
 
       <% if CurrentUser.is_admin? %>
-        <li><%= link_to "Expunge", expunge_moderator_post_post_path(:post_id => post.id), :remote => true, :method => :post, :id => "expunge", :confirm => "This will permanently delete this post (meaning the file will be deleted). Are you sure you want to delete this post?" %></li>
+        <li><%= link_to "Expunge", expunge_moderator_post_post_path(:post_id => post.id), :remote => true, :method => :post, :id => "expunge", :data => {:confirm => "This will permanently delete this post (meaning the file will be deleted). Are you sure you want to delete this post?"} %></li>
       <% end %>
 
       <li id="mobile-version-list"><%= link_to "Mobile version", mobile_post_path(post) %></li>

app/views/tag_aliases/index.html.erb

@@ -33,7 +33,7 @@
             <td>
               <%= link_to "Show", tag_alias_path(tag_alias) %>
               <% if tag_alias.deletable_by?(CurrentUser.user) %>
-                | <%= link_to "Delete", tag_alias_path(tag_alias), :remote => true, :method => :delete, :confirm => "Are you sure you want to delete this alias?" %>
+                | <%= link_to "Delete", tag_alias_path(tag_alias), :remote => true, :method => :delete, :data => {:confirm => "Are you sure you want to delete this alias?"} %>
               <% end %>
 
               <% if CurrentUser.is_admin? && tag_alias.is_pending? %>

app/views/tag_implications/index.html.erb

@@ -31,7 +31,7 @@
             <td>
               <%= link_to "Show", tag_implication_path(tag_implication) %>
               <% if tag_implication.deletable_by?(CurrentUser.user) %>
-                | <%= link_to "Delete", tag_implication_path(tag_implication), :remote => true, :method => :delete, :confirm => "Are you sure you want to delete this implication?" %>
+                | <%= link_to "Delete", tag_implication_path(tag_implication), :remote => true, :method => :delete, :data => {:confirm => "Are you sure you want to delete this implication?"} %>
               <% end %>
               <% if CurrentUser.user.is_admin? && tag_implication.is_pending? %>
                 | <%= link_to "Approve", approve_tag_implication_path(tag_implication), :remote => true, :method => :post %>

app/views/tag_subscriptions/_secondary_links.html.erb

@@ -10,7 +10,7 @@
       <li>|</li>
       <li><%= link_to "Show", tag_subscription_path(@tag_subscription) %></li>
       <li><%= link_to "Edit", edit_tag_subscription_path(@tag_subscription) %></li>
-      <li><%= link_to "Delete", tag_subscription_path(@tag_subscription, :method => :delete, :confirm => "Are you sure you want to delete this tag subscription?") %></li>
+      <li><%= link_to "Delete", tag_subscription_path(@tag_subscription, :method => :delete, :data => {:confirm => "Are you sure you want to delete this tag subscription?"}) %></li>
     <% end %>
   </menu>
 <% end %>

app/views/tag_subscriptions/index.html.erb

@@ -18,7 +18,7 @@
             <td><%= tag_subscription.post_id_array.size %></td>
             <td>
               <%= link_to "edit", edit_tag_subscription_path(tag_subscription) %>
-              | <%= link_to "delete", tag_subscription_path(tag_subscription), :method => :delete, :confirm => "Are you sure you want to delete this subscription?" %>
+              | <%= link_to "delete", tag_subscription_path(tag_subscription), :method => :delete, :data => {:confirm => "Are you sure you want to delete this subscription?"} %>
               | <%= link_to "posts", posts_path(:tags => "sub:#{tag_subscription.creator.name}:#{tag_subscription.name}") %>
             </td>
           </tr>

app/views/user_feedbacks/index.html.erb

@@ -21,7 +21,7 @@
             <td><%= format_text(feedback.body) %></td>
             <td>
               <% if feedback.creator_id == CurrentUser.id || CurrentUser.is_moderator? %>
-                <%= link_to "delete", user_feedback_path(feedback), :method => :delete, :confirm => "Are you sure you want to delete this user feedback?" %>
+                <%= link_to "delete", user_feedback_path(feedback), :method => :delete, :data => {:confirm => "Are you sure you want to delete this user feedback?"} %>
               <% end %>
             </td>
           </tr>

app/views/wiki_pages/_secondary_links.html.erb

@@ -19,7 +19,7 @@
           <li><%= link_to "Edit", edit_wiki_page_path(@wiki_page) %></li>
         <% end %>
         <% if CurrentUser.is_janitor? %>
-          <li><%= link_to "Delete", wiki_page_path(@wiki_page), :remote => true, :method => :delete, :confirm => "Are you sure you want to delete this wiki page?" %></li>
+          <li><%= link_to "Delete", wiki_page_path(@wiki_page), :remote => true, :method => :delete, :data => {:confirm => "Are you sure you want to delete this wiki page?"} %></li>
         <% end %>
       <% end %>
     <% end %>
@@ -27,7 +27,7 @@
       <li>|</li>
       <li><%= link_to "Newest", wiki_page_path(@wiki_page_version.wiki_page_id) %></li>
       <% if CurrentUser.is_member? %>
-        <li><%= link_to "Revert to", revert_wiki_page_path(@wiki_page_version.wiki_page_id, :version_id => @wiki_page_version.id), :method => :put, :confirm => "Are you sure you want to revert to this version?" %></li>
+        <li><%= link_to "Revert to", revert_wiki_page_path(@wiki_page_version.wiki_page_id, :version_id => @wiki_page_version.id), :method => :put, :data => {:confirm => "Are you sure you want to revert to this version?"} %></li>
       <% end %>
     <% end %>
   </menu>

bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

config.ru

@@ -8,4 +8,4 @@ if defined? Unicorn
   use Unicorn::OobGC
 end
 
-run Danbooru::Application
+run Rails.application

config/application.rb

@@ -2,10 +2,7 @@ require File.expand_path('../boot', __FILE__)
 require 'rails/all'
 
 if defined?(Bundler)
-  # If you precompile assets before deploying to production, use this line
+  Bundler.require(:default, Rails.env)
-  Bundler.require(*Rails.groups(:assets => %w(development test)))
-  # If you want your assets lazily compiled in production, use this line
-  # Bundler.require(:default, :assets, Rails.env)
 end
 
 module Danbooru

config/boot.rb

@@ -1,6 +1,4 @@
-require 'rubygems'
-
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
 
-require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])

config/environment.rb

@@ -2,4 +2,4 @@
 require File.expand_path('../application', __FILE__)
 
 # Initialize the rails application
-Danbooru::Application.initialize!
+Rails.application.initialize!

config/environments/development.rb

@@ -1,37 +1,37 @@
-Danbooru::Application.configure do
+Rails.application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+  # Settings specified here will take precedence over those in config/application.rb.
 
   # In the development environment your application's code is reloaded on
   # every request. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
-  # Log error messages when you accidentally call methods on nil.
+  # Do not eager load code on boot.
-  config.whiny_nils = true
+  config.eager_load = false
 
-  # Show full error reports and disable caching
+  # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
 
-  # Don't care if the mailer can't send
+  # Don't care if the mailer can't send.
   config.action_mailer.raise_delivery_errors = false
 
-  # Print deprecation notices to the Rails logger
+  # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 
-  # Only use best-standards-support built into browsers
+  # Raise an error on page load if there are pending migrations.
-  config.action_dispatch.best_standards_support = :builtin
+  config.active_record.migration_error = :page_load
 
-  # Raise exception on mass assignment protection for Active Record models
+  # Debug mode disables concatenation and preprocessing of assets.
-  config.active_record.mass_assignment_sanitizer = :strict
+  # This option may cause significant delays in view rendering with a large
-
+  # number of complex assets.
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  config.active_record.auto_explain_threshold_in_seconds = 0.5
-
-  # Do not compress assets
-  config.assets.compress = false
-
-  # Expands the lines which load the assets
   config.assets.debug = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
 end

config/environments/production.rb

@@ -1,67 +1,83 @@
-Danbooru::Application.configure do
+Rails.application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+  # Settings specified here will take precedence over those in config/application.rb.
 
-  # Code is not reloaded between requests
+  # Code is not reloaded between requests.
   config.cache_classes = true
 
-  # Full error reports are disabled and caching is turned on
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
-  # Disable Rails's static asset server (Apache or nginx will already do this)
+  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Add `rack-cache` to your Gemfile before enabling this.
+  # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
+  # config.action_dispatch.rack_cache = true
+
+  # Disable Rails's static asset server (Apache or nginx will already do this).
   config.serve_static_assets = false
 
-  # Compress JavaScripts and CSS
+  # Compress JavaScripts and CSS.
-  config.assets.compress = true
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
 
-  # Don't fallback to assets pipeline if a precompiled asset is missed
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
-  config.assets.compile = true
+  config.assets.compile = false
 
-  # Generate digests for assets URLs
+  # Generate digests for assets URLs.
   config.assets.digest = true
 
-  # Defaults to Rails.root.join("public/assets")
+  # Version of your assets, change this if you want to expire all your assets.
-  # config.assets.manifest = YOUR_PATH
+  config.assets.version = '1.0'
 
-  # Specifies the header that your server uses for sending files
+  # Specifies the header that your server uses for sending files.
   # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
   # config.force_ssl = true
 
-  # See everything in the log (default is :info)
+  # Set to :debug to see everything in the log.
   config.log_level = :error
 
-  # Prepend all log lines with the following tags
+  # Prepend all log lines with the following tags.
   # config.log_tags = [ :subdomain, :uuid ]
 
-  # Use a different logger for distributed setups
+  # Use a different logger for distributed setups.
   # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
 
-  # Use a different cache store in production
+  # Use a different cache store in production.
   # config.cache_store = :dalli_store, Danbooru.config.memcached_servers
 
-  # Enable serving of images, stylesheets, and JavaScripts from an asset server
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
   # config.action_controller.asset_host = "http://assets.example.com"
 
-  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
+  # Precompile additional assets.
+  # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
   # config.assets.precompile += %w( search.js )
 
-  # Disable delivery errors, bad email addresses will be ignored
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
   # config.action_mailer.raise_delivery_errors = false
 
-  # Enable threaded mode
-  # config.threadsafe!
-
   # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-  # the I18n.default_locale when a translation can not be found)
+  # the I18n.default_locale when a translation cannot be found).
   config.i18n.fallbacks = true
 
-  # Send deprecation notices to registered listeners
+  # Send deprecation notices to registered listeners.
   config.active_support.deprecation = :notify
 
-  # Log the query plan for queries taking more than this (works
+  # Disable automatic flushing of the log to improve performance.
-  # with SQLite, MySQL, and PostgreSQL)
+  # config.autoflush_log = false
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
 end

config/environments/test.rb

@@ -1,5 +1,5 @@
-Danbooru::Application.configure do
+Rails.application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+  # Settings specified here will take precedence over those in config/application.rb.
 
   # The test environment is used exclusively to run your application's
   # test suite. You never need to work with it otherwise. Remember that
@@ -7,21 +7,23 @@ Danbooru::Application.configure do
   # and recreated between test runs. Don't rely on the data there!
   config.cache_classes = true
 
-  # Configure static asset server for tests with Cache-Control for performance
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
+  # Configure static asset server for tests with Cache-Control for performance.
   config.serve_static_assets  = true
-  config.static_cache_control = "public, max-age=3600"
+  config.static_cache_control = 'public, max-age=3600'
 
-  # Log error messages when you accidentally call methods on nil
+  # Show full error reports and disable caching.
-  config.whiny_nils = true
-
-  # Show full error reports and disable caching
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
 
-  # Raise exceptions instead of rendering exception templates
+  # Raise exceptions instead of rendering exception templates.
   config.action_dispatch.show_exceptions = false
 
-  # Disable request forgery protection in test environment
+  # Disable request forgery protection in test environment.
   config.action_controller.allow_forgery_protection = false
 
   # Tell Action Mailer not to deliver emails to the real world.
@@ -29,9 +31,9 @@ Danbooru::Application.configure do
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  # Raise exception on mass assignment protection for Active Record models
+  # Print deprecation notices to the stderr.
-  config.active_record.mass_assignment_sanitizer = :strict
-
-  # Print deprecation notices to the stderr
   config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
 end

config/initializers/active_record_extensions.rb

@@ -23,7 +23,7 @@ module Danbooru
 
       %w(execute select_value select_values select_all).each do |method_name|
         define_method("#{method_name}_sql") do |sql, *params|
-          connection.__send__(method_name, self.class.sanitize_sql_array([sql, *params]))
+          self.class.connection.__send__(method_name, self.class.sanitize_sql_array([sql, *params]))
         end
 
         self.class.__send__(:define_method, "#{method_name}_sql") do |sql, *params|

config/initializers/cookies_serializer.rb

@@ -0,0 +1,3 @@
+# Be sure to restart your server when you modify this file.
+
+Rails.application.config.action_dispatch.cookies_serializer = :json

config/initializers/core_extensions.rb

@@ -23,3 +23,9 @@ end
 class String
   include Danbooru::Extensions::String
 end
+
+class FalseClass
+  def to_i
+    0
+  end
+end

config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += [:password]

config/initializers/inflections.rb

@@ -1,15 +1,16 @@
 # Be sure to restart your server when you modify this file.
 
-# Add new inflection rules using the following format
+# Add new inflection rules using the following format. Inflections
-# (all these examples are active by default):
+# are locale specific, and you may define rules for as many different
-# ActiveSupport::Inflector.inflections do |inflect|
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
 #   inflect.plural /^(ox)$/i, '\1en'
 #   inflect.singular /^(ox)en/i, '\1'
 #   inflect.irregular 'person', 'people'
 #   inflect.uncountable %w( fish sheep )
 # end
-#
+
 # These inflection rules are supported but not enabled by default:
-# ActiveSupport::Inflector.inflections do |inflect|
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
 #   inflect.acronym 'RESTful'
 # end

config/initializers/mime_types.rb

@@ -2,4 +2,3 @@
 
 # Add new mime types for use in respond_to blocks:
 # Mime::Type.register "text/richtext", :rtf
-# Mime::Type.register_alias "text/html", :iphone

config/initializers/secret_token.rb

@@ -2,8 +2,8 @@ require File.expand_path('../../state_checker', __FILE__)
 
 StateChecker.new.check!
 
-Danbooru::Application.config.action_dispatch.session = {
+Rails.application.config.action_dispatch.session = {
   :key    => '_danbooru2_session',
   :secret => File.read(File.expand_path("~/.danbooru/session_secret_key"))
 }
-Danbooru::Application.config.secret_token = File.read(File.expand_path("~/.danbooru/secret_token"))
+Rails.application.config.secret_token = File.read(File.expand_path("~/.danbooru/secret_token"))

config/initializers/session_store.rb

@@ -1,8 +1,3 @@
 # Be sure to restart your server when you modify this file.
 
-Danbooru::Application.config.session_store :cookie_store, :key => '_danbooru_session'
+Rails.application.config.session_store :cookie_store, key: '_danbooru_session'
-
-# Use the database for sessions instead of the cookie-based default,
-# which shouldn't be used to store highly confidential information
-# (create the session table with "rails generate session_migration")
-# Danbooru::Application.config.session_store :active_record_store

config/initializers/wrap_parameters.rb

@@ -1,14 +1,14 @@
 # Be sure to restart your server when you modify this file.
-#
+
 # This file contains settings for ActionController::ParamsWrapper which
 # is enabled by default.
 
 # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
 ActiveSupport.on_load(:action_controller) do
-  wrap_parameters format: [:json]
+  wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
 end
 
-# Disable root element in JSON by default.
+# To enable root element in JSON for ActiveRecord objects.
 ActiveSupport.on_load(:active_record) do
   self.include_root_in_json = false
 end

config/initializers/z_action_mailer.rb

@@ -1,5 +1,5 @@
 if Danbooru.config.amazon_ses && Rails.env == "production"
-  Danbooru::Application.config.action_mailer.smtp_settings = {
+  Rails.application.config.action_mailer.smtp_settings = {
     :address => Danbooru.config.amazon_ses[:smtp_server_name],
     :user_name => Danbooru.config.amazon_ses[:ses_smtp_user_name],
     :password => Danbooru.config.amazon_ses[:ses_smtp_password],

config/initializers/z_dalli.rb

@@ -3,7 +3,7 @@ unless defined?(MEMCACHE)
 end
 
 if Rails.env.production?
-  Danbooru::Application.configure do
+  Rails.application.configure do
     config.cache_store = :dalli_store, Danbooru.config.memcached_servers
   end
 end

config/routes.rb

@@ -1,4 +1,4 @@
-Danbooru::Application.routes.draw do
+Rails.application.routes.draw do
   namespace :admin do
     resources :users, :only => [:edit, :update]
     resource  :alias_and_implication_import, :only => [:new, :create]
@@ -149,7 +149,7 @@ Danbooru::Application.routes.draw do
       put :revert
       post :undelete
     end
-    resource :order, :only => [:edit, :update], :controller => "PoolOrders"
+    resource :order, :only => [:edit, :update], :controller => "pool_orders"
   end
   resource  :pool_element, :only => [:create, :destroy] do
     collection do
@@ -191,7 +191,7 @@ Danbooru::Application.routes.draw do
   end
   resources :artist_commentary_versions, :only => [:index]
   resource :related_tag, :only => [:show]
-  match "reports/user_promotions" => "reports#user_promotions"
+  get "reports/user_promotions" => "reports#user_promotions"
   resource :session do
     collection do
       get :sign_out
@@ -199,10 +199,10 @@ Danbooru::Application.routes.draw do
   end
   resource :source, :only => [:show]
   resources :tags do
-    resource :correction, :only => [:new, :create, :show], :controller => "TagCorrections"
+    resource :correction, :only => [:new, :create, :show], :controller => "tag_corrections"
   end
   resources :tag_aliases do
-    resource :correction, :only => [:create, :new, :show], :controller => "TagAliasCorrections"
+    resource :correction, :only => [:create, :new, :show], :controller => "tag_alias_corrections"
     member do
       post :approve
     end
@@ -262,28 +262,25 @@ Danbooru::Application.routes.draw do
   resources :wpages, :controller => "wiki_pages"
   resources :ftopics, :controller => "forum_topics"
   resources :fposts, :controller => "forum_posts"
-  match "/m/posts", :controller => "mobile/posts", :action => "index"
+  get "/m/posts", :controller => "mobile/posts", :action => "index"
-  match "/m/posts/:id", :controller => "mobile/posts", :action => "show"
+  get "/m/posts/:id", :controller => "mobile/posts", :action => "show"
-  match "/iqdb/similar_by_source", :controller => "iqdb", :action => "similar_by_source"
+  get "/iqdb/similar_by_source", :controller => "iqdb", :action => "similar_by_source"
 
   # legacy aliases
-  match "/artist" => redirect {|params, req| "/artists?page=#{req.params[:page]}&search[name]=#{CGI::escape(req.params[:name].to_s)}"}
+  get "/artist" => redirect {|params, req| "/artists?page=#{req.params[:page]}&search[name]=#{CGI::escape(req.params[:name].to_s)}"}
-  match "/artist/index.xml", :controller => "legacy", :action => "artists", :format => "xml"
+  get "/artist/index.xml", :controller => "legacy", :action => "artists", :format => "xml"
-  match "/artist/index.json", :controller => "legacy", :action => "artists", :format => "json"
+  get "/artist/index.json", :controller => "legacy", :action => "artists", :format => "json"
-  match "/artist/index" => redirect {|params, req| "/artists?page=#{req.params[:page]}"}
+  get "/artist/index" => redirect {|params, req| "/artists?page=#{req.params[:page]}"}
-  match "/artist/show/:id" => redirect("/artists/%{id}")
+  get "/artist/show/:id" => redirect("/artists/%{id}")
-  match "/artist/show" => redirect {|params, req| "/artists?name=#{CGI::escape(req.params[:name].to_s)}"}
+  get "/artist/show" => redirect {|params, req| "/artists?name=#{CGI::escape(req.params[:name].to_s)}"}
-  match "/artist/history/:id" => redirect("/artist_versions?search[artist_id]=%{id}")
+  get "/artist/history/:id" => redirect("/artist_versions?search[artist_id]=%{id}")
-  match "/artist/update/:id" => redirect("/artists/%{id}")
+  get "/artist/recent_changes" => redirect("/artist_versions")
-  match "/artist/destroy/:id" => redirect("/artists/%{id}")
-  match "/artist/recent_changes" => redirect("/artist_versions")
-  match "/artist/create" => redirect("/artists")
 
-  match "/comment" => redirect {|params, req| "/comments?page=#{req.params[:page]}"}
+  get "/comment" => redirect {|params, req| "/comments?page=#{req.params[:page]}"}
-  match "/comment/index" => redirect {|params, req| "/comments?page=#{req.params[:page]}"}
+  get "/comment/index" => redirect {|params, req| "/comments?page=#{req.params[:page]}"}
-  match "/comment/show/:id" => redirect("/comments/%{id}")
+  get "/comment/show/:id" => redirect("/comments/%{id}")
-  match "/comment/new" => redirect("/comments")
+  get "/comment/new" => redirect("/comments")
-  match("/comment/search" => redirect do |params, req|
+  get("/comment/search" => redirect do |params, req|
     if req.params[:query] =~ /^user:(.+)/i
       "/comments?group_by=comment&search[creator_name]=#{CGI::escape($1)}"
     else
@@ -291,88 +288,85 @@ Danbooru::Application.routes.draw do
     end
   end)
 
-  match "/favorite" => redirect {|params, req| "/favorites?page=#{req.params[:page]}"}
+  get "/favorite" => redirect {|params, req| "/favorites?page=#{req.params[:page]}"}
-  match "/favorite/index" => redirect {|params, req| "/favorites?page=#{req.params[:page]}"}
+  get "/favorite/index" => redirect {|params, req| "/favorites?page=#{req.params[:page]}"}
-  match "/favorite/list_users.json", :controller => "legacy", :action => "unavailable"
+  get "/favorite/list_users.json", :controller => "legacy", :action => "unavailable"
 
-  match "/forum" => redirect {|params, req| "/forum_topics?page=#{req.params[:page]}"}
+  get "/forum" => redirect {|params, req| "/forum_topics?page=#{req.params[:page]}"}
-  match "/forum/index" => redirect {|params, req| "/forum_topics?page=#{req.params[:page]}"}
+  get "/forum/index" => redirect {|params, req| "/forum_topics?page=#{req.params[:page]}"}
-  match "/forum/show/:id" => redirect {|params, req| "/forum_posts/#{req.params[:id]}?page=#{req.params[:page]}"}
+  get "/forum/show/:id" => redirect {|params, req| "/forum_posts/#{req.params[:id]}?page=#{req.params[:page]}"}
-  match "/forum/search" => redirect("/forum_posts/search")
+  get "/forum/search" => redirect("/forum_posts/search")
-  match "/forum/new" => redirect("/forum_posts/new")
-  match "/forum/edit/:id" => redirect("/forum_posts/%{id}/edit")
 
-  match "/help/:title" => redirect {|params, req| ("/wiki_pages?title=#{CGI::escape('help:' + req.params[:title])}")}
+  get "/help/:title" => redirect {|params, req| ("/wiki_pages?title=#{CGI::escape('help:' + req.params[:title])}")}
 
-  match "/note" => redirect {|params, req| "/notes?page=#{req.params[:page]}"}
+  get "/note" => redirect {|params, req| "/notes?page=#{req.params[:page]}"}
-  match "/note/index" => redirect {|params, req| "/notes?page=#{req.params[:page]}"}
+  get "/note/index" => redirect {|params, req| "/notes?page=#{req.params[:page]}"}
-  match "/note/history" => redirect {|params, req| "/note_versions?search[updater_id]=#{req.params[:user_id]}"}
+  get "/note/history" => redirect {|params, req| "/note_versions?search[updater_id]=#{req.params[:user_id]}"}
 
-  match "/pool" => redirect {|params, req| "/pools?page=#{req.params[:page]}"}
+  get "/pool" => redirect {|params, req| "/pools?page=#{req.params[:page]}"}
-  match "/pool/index" => redirect {|params, req| "/pools?page=#{req.params[:page]}"}
+  get "/pool/index" => redirect {|params, req| "/pools?page=#{req.params[:page]}"}
-  match "/pool/show/:id" => redirect("/pools/%{id}")
+  get "/pool/show/:id" => redirect("/pools/%{id}")
-  match "/pool/history/:id" => redirect("/pool_versions?search[pool_id]=%{id}")
+  get "/pool/history/:id" => redirect("/pool_versions?search[pool_id]=%{id}")
-  match "/pool/recent_changes" => redirect("/pool_versions")
+  get "/pool/recent_changes" => redirect("/pool_versions")
 
-  match "/post/index.xml", :controller => "legacy", :action => "posts", :format => "xml"
+  get "/post/index.xml", :controller => "legacy", :action => "posts", :format => "xml"
-  match "/post/index.json", :controller => "legacy", :action => "posts", :format => "json"
+  get "/post/index.json", :controller => "legacy", :action => "posts", :format => "json"
-  match "/post/create.xml", :controller => "legacy", :action => "create_post", :format => "xml"
+  get "/post/create.xml", :controller => "legacy", :action => "create_post", :format => "xml"
-  match "/post/piclens", :controller => "legacy", :action => "unavailable"
+  get "/post/piclens", :controller => "legacy", :action => "unavailable"
-  match "/post/index" => redirect {|params, req| "/posts?tags=#{CGI::escape(req.params[:tags].to_s)}&page=#{req.params[:page]}"}
+  get "/post/index" => redirect {|params, req| "/posts?tags=#{CGI::escape(req.params[:tags].to_s)}&page=#{req.params[:page]}"}
-  match "/post" => redirect {|params, req| "/posts?tags=#{CGI::escape(req.params[:tags].to_s)}&page=#{req.params[:page]}"}
+  get "/post" => redirect {|params, req| "/posts?tags=#{CGI::escape(req.params[:tags].to_s)}&page=#{req.params[:page]}"}
-  match "/post/upload" => redirect("/uploads/new")
+  get "/post/upload" => redirect("/uploads/new")
-  match "/post/moderate" => redirect("/moderator/post/queue")
+  get "/post/moderate" => redirect("/moderator/post/queue")
-  match "/post/atom" => redirect {|params, req| "/posts.atom?tags=#{CGI::escape(req.params[:tags].to_s)}"}
+  get "/post/atom" => redirect {|params, req| "/posts.atom?tags=#{CGI::escape(req.params[:tags].to_s)}"}
-  match "/post/atom.feed" => redirect {|params, req| "/posts.atom?tags=#{CGI::escape(req.params[:tags].to_s)}"}
+  get "/post/atom.feed" => redirect {|params, req| "/posts.atom?tags=#{CGI::escape(req.params[:tags].to_s)}"}
-  match "/post/popular_by_day" => redirect("/explore/posts/popular")
+  get "/post/popular_by_day" => redirect("/explore/posts/popular")
-  match "/post/popular_by_week" => redirect("/explore/posts/popular")
+  get "/post/popular_by_week" => redirect("/explore/posts/popular")
-  match "/post/popular_by_month" => redirect("/explore/posts/popular")
+  get "/post/popular_by_month" => redirect("/explore/posts/popular")
-  match "/post/show/:id/:tag_title" => redirect("/posts/%{id}")
+  get "/post/show/:id/:tag_title" => redirect("/posts/%{id}")
-  match "/post/show/:id" => redirect("/posts/%{id}")
+  get "/post/show/:id" => redirect("/posts/%{id}")
-  match "/post/show" => redirect {|params, req| "/posts?md5=#{req.params[:md5]}"}
+  get "/post/show" => redirect {|params, req| "/posts?md5=#{req.params[:md5]}"}
-  match "/post/view/:id/:tag_title" => redirect("/posts/%{id}")
+  get "/post/view/:id/:tag_title" => redirect("/posts/%{id}")
-  match "/post/view/:id" => redirect("/posts/%{id}")
+  get "/post/view/:id" => redirect("/posts/%{id}")
-  match "/post/flag/:id" => redirect("/posts/%{id}")
+  get "/post/flag/:id" => redirect("/posts/%{id}")
 
-  match("/post_tag_history" => redirect do |params, req|
+  get("/post_tag_history" => redirect do |params, req|
     page = req.params[:before_id].present? ? "b#{req.params[:before_id]}" : req.params[:page]
     "/post_versions?page=#{page}&search[updater_id]=#{req.params[:user_id]}"
   end)
-  match "/post_tag_history/index" => redirect {|params, req| "/post_versions?page=#{req.params[:page]}&search[post_id]=#{req.params[:post_id]}"}
+  get "/post_tag_history/index" => redirect {|params, req| "/post_versions?page=#{req.params[:page]}&search[post_id]=#{req.params[:post_id]}"}
 
-  match "/tag/index.xml", :controller => "legacy", :action => "tags", :format => "xml"
+  get "/tag/index.xml", :controller => "legacy", :action => "tags", :format => "xml"
-  match "/tag/index.json", :controller => "legacy", :action => "tags", :format => "json"
+  get "/tag/index.json", :controller => "legacy", :action => "tags", :format => "json"
-  match "/tag" => redirect {|params, req| "/tags?page=#{req.params[:page]}&search[name_matches]=#{CGI::escape(req.params[:name].to_s)}&search[order]=#{req.params[:order]}&search[category]=#{req.params[:type]}"}
+  get "/tag" => redirect {|params, req| "/tags?page=#{req.params[:page]}&search[name_matches]=#{CGI::escape(req.params[:name].to_s)}&search[order]=#{req.params[:order]}&search[category]=#{req.params[:type]}"}
-  match "/tag/index" => redirect {|params, req| "/tags?page=#{req.params[:page]}&search[name_matches]=#{CGI::escape(req.params[:name].to_s)}&search[order]=#{req.params[:order]}"}
+  get "/tag/index" => redirect {|params, req| "/tags?page=#{req.params[:page]}&search[name_matches]=#{CGI::escape(req.params[:name].to_s)}&search[order]=#{req.params[:order]}"}
 
-  match "/tag_implication" => redirect {|params, req| "/tag_implications?search[name_matches]=#{CGI::escape(req.params[:query].to_s)}"}
+  get "/tag_implication" => redirect {|params, req| "/tag_implications?search[name_matches]=#{CGI::escape(req.params[:query].to_s)}"}
 
-  match "/user/index.xml", :controller => "legacy", :action => "users", :format => "xml"
+  get "/user/index.xml", :controller => "legacy", :action => "users", :format => "xml"
-  match "/user/index.json", :controller => "legacy", :action => "users", :format => "json"
+  get "/user/index.json", :controller => "legacy", :action => "users", :format => "json"
-  match "/user" => redirect {|params, req| "/users?page=#{req.params[:page]}"}
+  get "/user" => redirect {|params, req| "/users?page=#{req.params[:page]}"}
-  match "/user/index" => redirect {|params, req| "/users?page=#{req.params[:page]}"}
+  get "/user/index" => redirect {|params, req| "/users?page=#{req.params[:page]}"}
-  match "/user/show/:id" => redirect("/users/%{id}")
+  get "/user/show/:id" => redirect("/users/%{id}")
-  match "/user/login" => redirect("/sessions/new")
+  get "/user/login" => redirect("/sessions/new")
-  match "/user_record" => redirect {|params, req| "/user_feedbacks?search[user_id]=#{req.params[:user_id]}"}
+  get "/user_record" => redirect {|params, req| "/user_feedbacks?search[user_id]=#{req.params[:user_id]}"}
 
-  match "/wiki" => redirect {|params, req| "/wiki_pages?page=#{req.params[:page]}"}
+  get "/wiki" => redirect {|params, req| "/wiki_pages?page=#{req.params[:page]}"}
-  match "/wiki/index" => redirect {|params, req| "/wiki_pages?page=#{req.params[:page]}"}
+  get "/wiki/index" => redirect {|params, req| "/wiki_pages?page=#{req.params[:page]}"}
-  match "/wiki/revert" => redirect("/wiki_pages")
+  get "/wiki/rename" => redirect("/wiki_pages")
-  match "/wiki/rename" => redirect("/wiki_pages")
+  get "/wiki/show" => redirect {|params, req| "/wiki_pages?title=#{CGI::escape(req.params[:title].to_s)}"}
-  match "/wiki/show" => redirect {|params, req| "/wiki_pages?title=#{CGI::escape(req.params[:title].to_s)}"}
+  get "/wiki/recent_changes" => redirect {|params, req| "/wiki_page_versions?search[updater_id]=#{req.params[:user_id]}"}
-  match "/wiki/recent_changes" => redirect {|params, req| "/wiki_page_versions?search[updater_id]=#{req.params[:user_id]}"}
+  get "/wiki/history/:title" => redirect("/wiki_page_versions?title=%{title}")
-  match "/wiki/history/:title" => redirect("/wiki_page_versions?title=%{title}")
 
-  match "/static/keyboard_shortcuts" => "static#keyboard_shortcuts", :as => "keyboard_shortcuts"
+  get "/static/keyboard_shortcuts" => "static#keyboard_shortcuts", :as => "keyboard_shortcuts"
-  match "/static/bookmarklet" => "static#bookmarklet", :as => "bookmarklet"
+  get "/static/bookmarklet" => "static#bookmarklet", :as => "bookmarklet"
-  match "/static/site_map" => "static#site_map", :as => "site_map"
+  get "/static/site_map" => "static#site_map", :as => "site_map"
-  match "/static/terms_of_service" => "static#terms_of_service", :as => "terms_of_service"
+  get "/static/terms_of_service" => "static#terms_of_service", :as => "terms_of_service"
-  match "/static/accept_terms_of_service" => "static#accept_terms_of_service", :as => "accept_terms_of_service"
+  get "/static/accept_terms_of_service" => "static#accept_terms_of_service", :as => "accept_terms_of_service"
-  match "/static/mrtg" => "static#mrtg", :as => "mrtg"
+  get "/static/mrtg" => "static#mrtg", :as => "mrtg"
-  match "/static/contact" => "static#contact", :as => "contact"
+  get "/static/contact" => "static#contact", :as => "contact"
-  match "/static/benchmark" => "static#benchmark"
+  get "/static/benchmark" => "static#benchmark"
-  match "/static/name_change" => "static#name_change", :as => "name_change"
+  get "/static/name_change" => "static#name_change", :as => "name_change"
-  match "/meta_searches/tags" => "meta_searches#tags", :as => "meta_searches_tags"
+  get "/meta_searches/tags" => "meta_searches#tags", :as => "meta_searches_tags"
 
   root :to => "posts#index"
 end

config/secrets.yml

@@ -0,0 +1,22 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+development:
+  secret_key_base: bcc62a512b9c055c292c17742f1e65bd6d88fa37f4d01c8475103809f3ac4c03e3e98605c47d55cd8801333010ea98920a61b722770629926759624bce732539
+
+test:
+  secret_key_base: 60e32a818af77bdfc40bca866e3b4d7b88d7ba767057ffc9e4532279358af8c67d42f2b99c084b700727303ce25b812a592b52723ebc1e3b812fd09a1f969435
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

script/fixes/023_remove_expunged_posts_from_pools.rb

@@ -7,7 +7,7 @@ ActiveRecord::Base.connection.execute("set statement_timeout = 0")
 CurrentUser.user = User.admins.first
 CurrentUser.ip_addr = "127.0.0.1"
 
-live_post_ids = Post.order("id asc").all(:select => "id").map!(&:id)
+live_post_ids = Post.order("id asc").all(:select => "id").map(&:id)
 all_post_ids = (1..live_post_ids.last).to_a
 dead_post_ids = all_post_ids - live_post_ids
 

test/functional/tag_implication_requests_controller_test.rb

@@ -17,7 +17,7 @@ class TagImplicationRequestsControllerTest < ActionController::TestCase
 
     context "new action" do
       should "render" do
-        get :new, {}, {:user => @user.id}
+        get :new, {}, {:user_id => @user.id}
         assert_response :success
       end
     end
@@ -25,7 +25,7 @@ class TagImplicationRequestsControllerTest < ActionController::TestCase
     context "create action" do
       should "render" do
         assert_difference("ForumTopic.count", 1) do
-          post :create, {:tag_implication_request => {:antecedent_name => "aaa", :consequent_name => "bbb", :reason => "ccc"}}, {:user => @user.id}
+          post :create, {:tag_implication_request => {:antecedent_name => "aaa", :consequent_name => "bbb", :reason => "ccc"}}, {:user_id => @user.id}
         end
         assert_redirected_to(forum_topic_path(ForumTopic.last))
       end

test/functional/tag_implications_controller_test.rb

@@ -17,7 +17,9 @@ class TagImplicationsControllerTest < ActionController::TestCase
 
     context "index action" do
       setup do
-        @tag_implication = FactoryGirl.create(:tag_implication, :antecedent_name => "aaa", :consequent_name => "bbb", :creator => @user)
+        CurrentUser.scoped(@user, "127.0.0.1") do
+          @tag_implication = FactoryGirl.create(:tag_implication, :antecedent_name => "aaa", :consequent_name => "bbb")
+        end
       end
 
       should "list all tag implications" do
@@ -41,7 +43,9 @@ class TagImplicationsControllerTest < ActionController::TestCase
 
     context "destroy action" do
       setup do
-        @tag_implication = FactoryGirl.create(:tag_implication, :creator => @user)
+        CurrentUser.scoped(@user, "127.0.0.1") do
+          @tag_implication = FactoryGirl.create(:tag_implication)
+        end
       end
 
       should "destroy a tag_implication" do

test/unit/advertisement_test.rb

@@ -15,8 +15,8 @@ class AdvertisementTest < ActiveSupport::TestCase
       assert_difference("AdvertisementHit.count") do
         @ad.hit!("0.0.0.0")
       end
-      assert_equal("0.0.0.0", AdvertisementHit.first.ip_addr)
+      assert_equal("0.0.0.0", AdvertisementHit.first.ip_addr.to_s)
-      assert_equal(1, AdvertisementHit.first.advertisement_id)
+      assert_equal(@ad.id, AdvertisementHit.first.advertisement_id)
       assert_equal(1, @ad.hit_sum(1.day.ago, 1.day.from_now))
       assert_equal(0, @ad.hit_sum(2.days.ago, 1.day.ago))
     end

test/unit/meta_searches/tag_test.rb

@@ -2,31 +2,31 @@ require "test_helper"
 
 module MetaSearches
   class TagTest < ActionMailer::TestCase
-    context "The tag metasearcg" do
+    context "The tag metasearch" do
       setup do
         CurrentUser.user = FactoryGirl.create(:user)
         CurrentUser.ip_addr = "127.0.0.1"
-        FactoryGirl.create(:tag, :name => "xxx")
+        FactoryGirl.create(:post, :tag_string => "xxx")
         FactoryGirl.create(:tag_alias, :antecedent_name => "aaa", :consequent_name => "bbb")
         FactoryGirl.create(:tag_implication, :antecedent_name => "ccc", :consequent_name => "ddd")
       end
 
       should "find the tag" do
-        meta_search = Tag.new(:name => "xxx")
+        meta_search = MetaSearches::Tag.new(:name => "xxx")
         meta_search.load_all
         assert_equal(1, meta_search.tags.size)
         assert_equal("xxx", meta_search.tags.first.name)
       end
 
       should "find the alias" do
-        meta_search = Tag.new(:name => "aaa")
+        meta_search = MetaSearches::Tag.new(:name => "aaa")
         meta_search.load_all
         assert_equal(1, meta_search.tag_aliases.size)
         assert_equal("aaa", meta_search.tag_aliases.first.antecedent_name)
       end
 
       should "find the implication" do
-        meta_search = Tag.new(:name => "ccc")
+        meta_search = MetaSearches::Tag.new(:name => "ccc")
         meta_search.load_all
         assert_equal(1, meta_search.tag_implications.size)
         assert_equal("ccc", meta_search.tag_implications.first.antecedent_name)

test/unit/note_test.rb

@@ -144,8 +144,15 @@ class NoteTest < ActiveSupport::TestCase
 
       context "the act of undoing all changes by that user" do
         should "revert any affected notes" do
+          assert_equal(2, NoteVersion.count)
+          assert_equal([1, 2], @note.versions.map(&:version))
+          assert_equal([@user.id, @vandal.id], @note.versions.map(&:updater_id))
+          Timecop.travel(1.day.from_now) do
             Note.undo_changes_by_user(@vandal.id)
+          end
           @note.reload
+          assert_equal([1, 3], @note.versions.map(&:version))
+          assert_equal([@user.id, @user.id], @note.versions.map(&:updater_id))
           assert_equal(5, @note.x)
           assert_equal(5, @note.y)
         end

test/unit/pool_test.rb

@@ -1,3 +1,5 @@
+# encoding: utf-8
+
 require 'test_helper'
 
 class PoolTest < ActiveSupport::TestCase
@@ -23,6 +25,16 @@ class PoolTest < ActiveSupport::TestCase
     end
   end
 
+  context "A multibyte character name" do
+    setup do
+      @mb_pool = FactoryGirl.create(:pool, :name => "àáâãäå")
+    end
+
+    should "be mapped to a pool id" do
+      assert_equal(@mb_pool.id, Pool.name_to_id("àáâãäå"))
+    end
+  end
+
   context "An id number" do
     setup do
       @pool = FactoryGirl.create(:pool)
@@ -188,14 +200,24 @@ class PoolTest < ActiveSupport::TestCase
     end
 
     should "create new versions for each distinct user" do
-      assert_equal(1, @pool.versions(true).size)
+      assert_equal(1, @pool.versions.size)
+      user2 = FactoryGirl.create(:user)
+
+      CurrentUser.scoped(user2, "127.0.0.2") do
         @pool.post_ids = "#{@p1.id}"
-      CurrentUser.ip_addr = "1.2.3.4"
         @pool.save
-      assert_equal(2, @pool.versions(true).size)
+      end
+
+      @pool.reload
+      assert_equal(2, @pool.versions.size)
+
+      CurrentUser.scoped(user2, "127.0.0.2") do
         @pool.post_ids = "#{@p1.id} #{@p2.id}"
         @pool.save
-      assert_equal(2, @pool.versions(true).size)
+      end
+
+      @pool.reload
+      assert_equal(2, @pool.versions.size)
     end
 
     should "know what its post ids were previously" do