Commit 3a4b650c authored by lechuck's avatar lechuck Committed by lucha

upgrade Nextgen gallery to 2.0.66.17

parent 3aa1f60b
NextGEN Gallery
by Photocrati Media
= V2.0.66.17 - 08.08.2014 =
* NEW: Added french translations
* Secured: XSS vulnerability in jQuery Plupload Queue (thanks Codevigilant Team)
* Secured: XSS vulnerability in thumbnail/slideshow integration links
* Secured: XSS vulnerability on Manage Albums page
= V2.0.66.16 - 07.30.2014 =
* NEW: Added new "limit" setting to Slideshow widgets
* NEW: Added a "ngg_routes" action for other plugins to hook into to provide new routes
* NEW: Added NGG_SKIP_LOAD_SCRIPTS constant, which existed in 1.9.x
* NEW: Added NGG_GALLERY_ROOT_TYPE constant. Set to 'content' to load galleries from the content_dir / content_url
* NEW: Bosnian (bs_BA) language thanks to Nevesin Srdoc
* NEW: Chinese (zh_CN) language thanks to Vahi Chen, http://www.vahichen.com
* NEW: Dutch (nl_NL) language thanks to Taeke Kooiker
* NEW: Filipino (fil) language thanks to Find Hold, http://www.findhold.dk/
* NEW: French (fr_FR) language thanks to Jean-Yves Dumaine & Le Blog de Lise
* NEW: Hungarian (hu_HU) language thanks to Zoltán Varanka
* NEW: Italian (it_IT) language thanks to Jacopo Caggiano, @tizz
* NEW: Russian (ru_RU) language thanks to SnakeD3
* NEW: Spanish (es_ES) language thanks to Andrew Kurtis at WebHostingHub
* Changed: Updated Czech language thanks to Separatista; additional thanks to Martin Krizek for the original translation who was mistakenly unaccredited
* Changed: "Upgrade to Pro" page has new design, advertises for NextGEN Plus
* Changed: Basic Albums templates now given the image counter <p> element the class 'ngg-album-gallery-image-counter' (by user request)
* Changed: Gallery widgets now apply height:auto to their element; fixes compatibility with some themes
* Changed: Random galleries should be substantially faster now (1000% or more for large image tables)
* Fixed: Complete WPML compatibility
* Fixed: Disable Buddypress 'bp_do_redirect_canonical' filter as it ruins our routing system
* Fixed: Use plugins_url() content_url() when appropriate rather than just site_url() and home_url()
* Fixed: WP Cron job will remove not only displayed gallery transients, but rendering transients as well
* Fixed: NGG_RENDERING_CACHE_TTL constant is honored properly
* Fixed: If using the caption template for Basic Thumbnails, only show the image caption when appropriate
* Fixed: If NGG is uninstalled, so are it's custom capabilities
* Fixed: Translate "Attach NextGEN Gallery to Post" ATP icon alt text when translations are active
* Fixed: Multisite gallery path tooltip gave a wrong default setting
* Fixed: Flush 'all' caches when pope_module_list setting changes
* Fixed: Don't enqueue related images css in the admin
* Fixed: Basic Slideshows fixes WP creating extraneous <p> element above the slideshow display
* Fixed: Basic Singlepic will now display images marked 'excluded' in the admin
* Fixed: Admin pages can now update when the "Save" button text has been translated
= V2.0.66 - 05.20.2014 =
* Secured: Check mime type of image files using a variety of mechanisms
= V2.0.65 - 05.04.2014 =
* Secured: Limit uploads to images and zips
......
......@@ -4,7 +4,7 @@ if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('You
/**
* Plugin Name: NextGEN Gallery by Photocrati
* Description: The most popular gallery plugin for WordPress and one of the most popular plugins of all time with over 9 million downloads.
* Version: 2.0.65
* Version: 2.0.66.17
* Author: Photocrati Media
* Plugin URI: http://www.nextgen-gallery.com
* Author URI: http://www.photocrati.com
......@@ -299,7 +299,7 @@ class C_NextGEN_Bootstrap
*/
function delete_expired_transients()
{
C_Photocrati_Cache::flush('displayed_galleries', TRUE);
C_Photocrati_Cache::flush('all', TRUE);
}
/**
......@@ -392,7 +392,8 @@ class C_NextGEN_Bootstrap
function route()
{
$this->_load_pope();
$router = $this->_registry->get_utility('I_Router');
$router = C_Router::get_instance();
do_action_ref_array('ngg_routes', array(&$router));
if (!$router->serve_request() && $router->has_parameter_segments()) {
return $router->passthru();
}
......@@ -430,7 +431,7 @@ class C_NextGEN_Bootstrap
define('NGG_PRODUCT_URL', path_join(str_replace("\\", '/', NGG_PLUGIN_URL), 'products'));
define('NGG_MODULE_URL', path_join(str_replace("\\", '/', NGG_PRODUCT_URL), 'photocrati_nextgen/modules'));
define('NGG_PLUGIN_STARTED_AT', microtime());
define('NGG_PLUGIN_VERSION', '2.0.65');
define('NGG_PLUGIN_VERSION', '2.0.66.17');
if (!defined('NGG_HIDE_STRICT_ERRORS')) {
define('NGG_HIDE_STRICT_ERRORS', TRUE);
......
......@@ -173,6 +173,9 @@ class C_NextGen_Style_Manager
}
}
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')
$retval = str_replace('/', DIRECTORY_SEPARATOR, $retval);
return $retval;
}
......@@ -185,8 +188,8 @@ class C_NextGen_Style_Manager
if (!$selected) $selected = $this->get_selected_stylesheet();
$retval = str_replace(
C_Fs::get_instance()->get_document_root(),
site_url(),
C_Fs::get_instance()->get_document_root('content'),
content_url(),
$this->find_selected_stylesheet_abspath($selected)
);
......
......@@ -131,7 +131,7 @@ if (!class_exists('C_Photocrati_Installer'))
}
// The cache should be flushed
C_Photocrati_Cache::flush();
C_Photocrati_Cache::flush('all');
// Remove all NGG created cron jobs
self::refresh_cron();
......
......@@ -12,6 +12,8 @@ class C_Ajax_Controller extends C_MVC_Controller
function index_action()
{
$retval = NULL;
// Inform the MVC framework what type of content we're returning
$this->set_content_type('json');
......@@ -24,11 +26,9 @@ class C_Ajax_Controller extends C_MVC_Controller
if ($this->has_method($method)) {
$retval = $this->call_method($method);
}
else $retval = array('error' => 'Not a valid AJAX action');
}
// If no retval has been set, then return an error
if (is_null($retval))
$retval = array('error' => 'Not a valid AJAX action');
else $retval = array('error' => 'No action specified');
// Flush the buffer
while (ob_get_level() > 0 ) {
......
......@@ -59,19 +59,23 @@ class M_Ajax extends C_Base_Module
$settings = C_NextGen_Settings::get_instance();
$router = $this->get_registry()->get_utility('I_Router');
$site_url = $router->get_base_url(TRUE);
$home_url = $router->get_base_url();
wp_register_script('photocrati_ajax', $settings->ajax_js_url);
wp_enqueue_script('photocrati_ajax');
$vars = array(
'url' => $router->get_url($settings->ajax_slug, FALSE),
'wp_site_url' => $home_url,
'wp_site_static_url' => str_replace('/index.php', '', str_replace('/index.php', '', $site_url))
'wp_home_url' => $router->get_base_url('home'),
'wp_site_url' => $router->get_base_url('site'),
'wp_root_url' => $router->get_base_url('root'),
'wp_plugins_url' => $router->get_base_url('plugins'),
'wp_content_url' => $router->get_base_url('content'),
'wp_includes_url' => includes_url()
);
wp_localize_script('photocrati_ajax', 'photocrati_ajax', $vars);
if (defined('NGG_SKIP_LOAD_SCRIPTS') && NGG_SKIP_LOAD_SCRIPTS)
return;
wp_register_script('persist-js', $router->get_static_url('photocrati-ajax#persist.js'));
wp_register_script('store-js', $router->get_static_url('photocrati-ajax#store.js'));
wp_register_script('ngg-store-js', $router->get_static_url('photocrati-ajax#ngg_store.js'), array('jquery', 'persist-js', 'store-js'));
......
......@@ -7,7 +7,7 @@ class C_Attach_Controller extends C_NextGen_Admin_Page_Controller
var $_marked_scripts;
var $_is_rendering;
static function &get_instance($context)
static function &get_instance($context='all')
{
if (!isset(self::$_instances[$context])) {
$klass = get_class();
......
......@@ -169,14 +169,14 @@ class M_Attach_To_Post extends C_Base_Module
// To match ATP entries we compare the stored url against a generic path
// We must check HTTP and HTTPS as well as permalink and non-permalink forms
$preview_url = parse_url($router->join_paths(
$router->remove_url_segment('index.php', $router->get_base_url()),
$router->remove_url_segment('index.php', $router->get_base_url('root')),
'/nextgen-attach_to_post/preview'
));
$router->debug = TRUE;
$preview_url = preg_quote($preview_url['host'] . $preview_url['path'], '#');
$alt_preview_url = parse_url($router->join_paths(
$router->remove_url_segment('index.php', $router->get_base_url()),
$router->remove_url_segment('index.php', $router->get_base_url('root')),
'index.php/nextgen-attach_to_post/preview'
));
$alt_preview_url = preg_quote($alt_preview_url['host'] . $alt_preview_url['path'], '#');
......@@ -246,6 +246,7 @@ class M_Attach_To_Post extends C_Base_Module
if (get_user_option('rich_editing') == 'true') {
add_filter('mce_buttons', array(&$this, 'add_attach_to_post_button'));
add_filter('mce_external_plugins', array(&$this, 'add_attach_to_post_tinymce_plugin'));
add_filter('wp_mce_translation', array($this, 'add_attach_to_post_tinymce_i18n'));
}
}
}
......@@ -288,6 +289,18 @@ class M_Attach_To_Post extends C_Base_Module
}
/**
* Adds the Attach To Post TinyMCE i18n strings
* @param $mce_translation
* @return mixed
*/
function add_attach_to_post_tinymce_i18n($mce_translation)
{
$mce_translation['ngg_attach_to_post.title'] = __('Attach NextGEN Gallery to Post', 'nggallery');
return $mce_translation;
}
/**
* Locates the ids of displayed galleries that have been
* removed from the post, and flags then for cleanup (deletion)
......
// Self-executing function to create and register the TinyMCE plugin
(function(siteurl) {
tinyMCE.addI18n('en.ngg_attach_to_post', {
title: 'Attach NextGEN Gallery to Post'
});
// Create the plugin. We'll register it afterwards
tinymce.create('tinymce.plugins.NextGEN_AttachToPost', {
......
......@@ -765,8 +765,23 @@ jQuery(function($){
render: function() {
// Create all elements
var image_container = $('<div/>').addClass('image_container');
// 2.0.66 did not support plugins_url, 2.0.66.3+ does
var installed_at_version = this.model.get('installed_at_version');
var baseurl = photocrati_ajax.wp_plugins_url;
var preview_image_relpath = this.model.get('preview_image_relpath');
if (typeof installed_at_version == 'undefined') {
baseurl = photocrati_ajax.wp_site_url;
// those who installed 2.0.66.3 lack the 'installed_at_version' setting but have a
// plugin-relative path
if (preview_image_relpath.indexOf('/nextgen-gallery') == 0) {
baseurl = photocrati_ajax.wp_plugins_url;
}
}
var img = $('<img/>').attr({
src: photocrati_ajax.wp_site_static_url + '/' + this.model.get('preview_image_relpath'),
src: baseurl + '/' + preview_image_relpath,
title: this.model.get('title'),
alt: this.model.get('alt')
});
......
......@@ -107,15 +107,18 @@ class Mixin_DataMapper_Driver_Base extends Mixin
if (strlen($value) > 1)
{
//Using json_decode here because PHP's unserialize is not Unicode safe
$retval = json_decode(base64_decode($retval), TRUE);
// JSON Decoding failed. Perhaps it's PHP serialized data?
if ($retval === NULL) {
$er = error_reporting(0);
$retval = unserialize($value);
error_reporting($er);
}
// We can't always rely on base64_decode() or json_decode() to return FALSE as their documentation
// claims so check if $retval begins with a: as that indicates we have a serialized PHP object.
if (strpos($retval, 'a:') === 0)
{
$er = error_reporting(0);
$retval = unserialize($value);
error_reporting($er);
}
else {
// We use json_decode() here because PHP's unserialize() is not Unicode safe.
$retval = json_decode(base64_decode($retval), TRUE);
}
}
}
......
......@@ -336,9 +336,32 @@ class Mixin_Fs_Instance_Methods extends Mixin
* Gets the document root for this application
* @return string
*/
function get_document_root()
function get_document_root($type = 'root')
{
return $this->_document_root;
if ($type == 'plugins') {
$retval = WP_PLUGIN_DIR;
}
else if ($type == 'content') {
$retval = WP_CONTENT_DIR;
}
else if ($type == 'gallery') {
$root_type = defined('NGG_GALLERY_ROOT_TYPE') ? NGG_GALLERY_ROOT_TYPE : 'site';
if ($root_type == 'content')
$retval = WP_CONTENT_DIR;
else
$retval = $this->_document_root;
}
else if (empty($type) || $type == 'root') {
$retval = $this->_document_root;
}
else {
$retval = $this->_document_root;
}
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')
$retval = str_replace('/', DIRECTORY_SEPARATOR, $retval);
return $retval;
}
/**
......
......@@ -34,10 +34,16 @@ class M_I18N extends C_Base_Module
function _register_hooks()
{
add_action('init', array(&$this, 'register_translation_hooks'), 2);
}
function register_translation_hooks()
{
$fs = C_Fs::get_instance();
$dir = str_replace(
WP_PLUGIN_DIR,
$fs->get_document_root('plugins'),
'',
C_Fs::get_instance()->get_abspath('lang', 'photocrati-i18n')
$fs->get_abspath('lang', 'photocrati-i18n')
);
// Load text domain
......
......@@ -24,7 +24,7 @@ class C_Lightbox_Installer
* @param array $script_paths
* @param array $values
*/
function install_lightbox($name, $title, $code, $stylesheet_paths=array(), $script_paths=array(), $values=array(), $update=FALSE)
function install_lightbox($name, $title, $code, $stylesheet_paths=array(), $script_paths=array(), $values=array(), $i18n=array())
{
// Try to find the existing lightbox. If we can't find it, we'll create
$lightbox = $this->mapper->find_by_name($name);
......@@ -33,9 +33,10 @@ class C_Lightbox_Installer
// Set properties
$lightbox->name = $name;
$this->set_attr($lightbox, 'title', $title, TRUE);
$this->set_attr($lightbox, 'code', $code);
$this->set_attr($lightbox, 'title', $title, TRUE);
$this->set_attr($lightbox, 'code', $code);
$this->set_attr($lightbox, 'values', $values);
$this->set_attr($lightbox, 'i18n', $i18n);
// Overrides styles and scripts if localhost is used
if (isset($lightbox->styles) && strpos($lightbox->styles, 'localhost') !== FALSE)
......@@ -102,10 +103,9 @@ class C_Lightbox_Installer
'Fancybox',
'class="ngg-fancybox" rel="%GALLERY_NAME%"',
array('photocrati-lightbox#fancybox/jquery.fancybox-1.3.4.css'),
array(
'photocrati-lightbox#fancybox/jquery.easing-1.3.pack.js',
'photocrati-lightbox#fancybox/jquery.fancybox-1.3.4.pack.js',
'photocrati-lightbox#fancybox/nextgen_fancybox_init.js'
array('photocrati-lightbox#fancybox/jquery.easing-1.3.pack.js',
'photocrati-lightbox#fancybox/jquery.fancybox-1.3.4.pack.js',
'photocrati-lightbox#fancybox/nextgen_fancybox_init.js'
)
);
......@@ -116,8 +116,33 @@ class C_Lightbox_Installer
'class="highslide" onclick="return hs.expand(this, {slideshowGroup: ' . "'%GALLERY_NAME%'" . '});"',
array('photocrati-lightbox#highslide/highslide.css'),
array('photocrati-lightbox#highslide/highslide-full.packed.js',
'photocrati-lightbox#highslide/nextgen_highslide_init.js'),
array('nextgen_highslide_graphics_dir' => 'photocrati-lightbox#highslide/graphics')
'photocrati-lightbox#highslide/nextgen_highslide_init.js'),
array('nextgen_highslide_graphics_dir' => 'photocrati-lightbox#highslide/graphics'),
array(
'cssDirection' => __('ltr', 'nggallery'),
'loadingText' => __('Loading...', 'nggallery'),
'previousText' => __('Previous', 'nggallery'),
'nextText' => __('Next', 'nggallery'),
'moveText' => __('Move', 'nggallery'),
'closeText' => __('Close', 'nggallery'),
'resizeTitle' => __('Resize', 'nggallery'),
'playText' => __('Play', 'nggallery'),
'pauseText' => __('Pause', 'nggallery'),
'moveTitle' => __('Move', 'nggallery'),
'fullExpandText' => __('1:1', 'nggallery'),
'closeTitle' => __('Close (esc)', 'nggallery'),
'pauseTitle' => __('Pause slideshow (spacebar)', 'nggallery'),
'loadingTitle' => __('Click to cancel', 'nggallery'),
'focusTitle' => __('Click to bring to front', 'nggallery'),
'fullExpandTitle' => __('Expand to actual size (f)', 'nggallery'),
'creditsText' => __('Powered by Highslide JS', 'nggallery'),
'playTitle' => __('Play slideshow (spacebar)', 'nggallery'),
'previousTitle' => __('Previous (arrow left)', 'nggallery'),
'nextTitle' => __('Next (arrow right)', 'nggallery'),
'number' => __('Image %1 of %2', 'nggallery'),
'creditsTitle' => __('Go to the Highslide JS homepage', 'nggallery'),
'restoreTitle' => __('Click to close image, click and drag to move. Use arrow keys for next and previous.', 'nggallery')
)
);
// Install Shutter
......@@ -127,10 +152,11 @@ class C_Lightbox_Installer
'class="shutterset_%GALLERY_NAME%"',
array('photocrati-lightbox#shutter/shutter.css'),
array('photocrati-lightbox#shutter/shutter.js',
'photocrati-lightbox#shutter/nextgen_shutter.js'),
'photocrati-lightbox#shutter/nextgen_shutter.js'),
array(),
array(
'msgLoading' => 'L O A D I N G',
'msgClose' => 'Click to Close',
'msgLoading' => __('L O A D I N G', 'nggallery'),
'msgClose' => __('Click to Close', 'nggallery')
)
);
......@@ -141,7 +167,18 @@ class C_Lightbox_Installer
'class="shutterset_%GALLERY_NAME%"',
array('photocrati-lightbox#shutter_reloaded/shutter.css'),
array('photocrati-lightbox#shutter_reloaded/shutter.js',
'photocrati-lightbox#shutter_reloaded/nextgen_shutter_reloaded.js')
'photocrati-lightbox#shutter_reloaded/nextgen_shutter_reloaded.js'),
array(),
array(
__('Previous', 'nggallery'),
__('Next', 'nggallery'),
__('Close', 'nggallery'),
__('Full Size', 'nggallery'),
__('Fit to Screen', 'nggallery'),
__('Image', 'nggallery'),
__('of', 'nggallery'),
__('Loading...', 'nggallery')
)
);
// Install Thickbox
......@@ -151,7 +188,16 @@ class C_Lightbox_Installer
"class='thickbox' rel='%GALLERY_NAME%'",
array('wordpress#thickbox'),
array('photocrati-lightbox#thickbox/nextgen_thickbox_init.js',
'wordpress#thickbox')
'wordpress#thickbox'),
array(),
array(
'next' => __('Next &gt;', 'nggallery'),
'prev' => __('&lt; Prev', 'nggallery'),
'image' => __('Image', 'nggallery'),
'of' => __('of', 'nggallery'),
'close' => __('Close', 'nggallery'),
'noiframes' => __('This feature requires inline frames. You have iframes disabled or your browser does not support them.', 'nggallery')
)
);
}
......
......@@ -20,7 +20,7 @@ class M_Lightbox extends C_Base_Module
'photocrati-lightbox',
'Lightbox',
"Provides integration with several JavaScript lightbox effect libraries",
'0.12',
'0.14',
'http://leandrovieira.com/projects/jquery/lightbox/',
'Photocrati Media',