Commit 7f89eb38 authored by lucha's avatar lucha

[auto] Plugin: nextgen-gallery 2.1.15

parent 8f6be994
repo: 2b82bc45fbe039c6f4c9f0c667e9cd1ee4d84cbb
node: b4a06dc685b9d98ae0a082932ef4822be530c429
node: 3f9f49cb9ae1c156b83b728aafc1f25ca60a8111
branch: default
tag: 2.1.7
tag: 2.1.15
......@@ -312,3 +312,15 @@ ca2225de1b2aff836e1fe9d7ff3a0f42820524ce 2.1.2
e60b028280448eca1c164dd54111623c2edc9997 2.1.3
97ec028ec655b132d0426ccb7f14423123ed2f49 2.1.4
9c6f1b018b1503530debfbb579e6917ec9bd4cac 2.1.6
b4a06dc685b9d98ae0a082932ef4822be530c429 2.1.7
1f0097e5ccb465c34be15eeadd3e67d44d19dcf6 2.1.8
eea6705079b13313be58c29ed93bc36b70a95073 2.1.9
d017862552ef5106a87f94c3d9959007c0c0f3d5 2.1.10
bbc6a008ce6a9700a3855e4f12f3e6cb27553f92 2.1.11
bbc6a008ce6a9700a3855e4f12f3e6cb27553f92 2.1.11
0000000000000000000000000000000000000000 2.1.11
0000000000000000000000000000000000000000 2.1.11
841a3eeff5f7adbf62b9da60326a68f8f3449d3c 2.1.11
7b09155e13df437933b9312ef9589e1b8525742d 2.1.12
224613db46bd7bcc40d3a8f1892c0dd543deecc9 2.1.13
7252966ee2d3d67bf7e753a2c862eeea4e620bbc 2.1.14
NextGEN Gallery
by Photocrati Media
= V2.1.15 - 09.09.2015 =
* Secured: Image uploads
* Fixed: Don't use esc_attr_e() to prevent translation issues
* Fixed: Ensure that deleting a gallery doesn't delete anything it shouldn't
* Fixed: get_gallery_abspath() should return NULL if the path doesn't exist
= V2.1.10 - 09.01.2015 =
* Secured: Escape output of parameters in templates to avoid XSS
= V2.1.9 - 08.25.2015 =
* NEW: Added ngg_manage_galleries_items_per_page filter
* NEW: Added ngg_manage_galleries_items_order filter
* NEW: ngg_manage_galleries_items_orderby
* Secured: Limit the ability to browse folders outside of NGG_IMPORT_ROOT
= V2.1.7 - 08.12.2015 =
* Changed: "Flush image cache" now removes images from the database w/o a gallery
* Changed: "Show Meta" popup: parse date_format through date_i18n()
......
......@@ -4,7 +4,7 @@ if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('You
/**
* Plugin Name: NextGEN Gallery by Photocrati
* Description: The most popular gallery plugin for WordPress and one of the most popular plugins of all time with over 12 million downloads.
* Version: 2.1.7
* Version: 2.1.15
* Author: Photocrati Media
* Plugin URI: http://www.nextgen-gallery.com
* Author URI: http://www.photocrati.com
......@@ -587,7 +587,7 @@ class C_NextGEN_Bootstrap
define('NGG_PRODUCT_URL', path_join(str_replace("\\", '/', NGG_PLUGIN_URL), 'products'));
define('NGG_MODULE_URL', path_join(str_replace("\\", '/', NGG_PRODUCT_URL), 'photocrati_nextgen/modules'));
define('NGG_PLUGIN_STARTED_AT', microtime());
define('NGG_PLUGIN_VERSION', '2.1.7');
define('NGG_PLUGIN_VERSION', '2.1.15');
if (!defined('NGG_HIDE_STRICT_ERRORS')) {
define('NGG_HIDE_STRICT_ERRORS', TRUE);
......
<h3 class="accordion_tab" id="<?php esc_attr_e($id) ?>"><a href="#"><?php esc_html_e($title) ?></a></h3>
<div id="<?php esc_attr_e($id) ?>_content">
<h3 class="accordion_tab" id="<?php echo esc_attr($id) ?>"><a href="#"><?php esc_html_e($title) ?></a></h3>
<div id="<?php echo esc_attr($id) ?>_content">
<?php echo $content ?>
</div>
\ No newline at end of file
......@@ -20,7 +20,7 @@
<?php endforeach ?>
</ul>
<?php reset($tabs); foreach ($tabs as $id => $tab_params): ?>
<div class="main_menu_tab" id="<?php esc_attr_e($id) ?>"><?php echo $tab_params['content'] ?></div>
<div class="main_menu_tab" id="<?php echo esc_attr($id) ?>"><?php echo $tab_params['content'] ?></div>
<?php endforeach ?>
</div>
......
<p class="<?php esc_attr_e($css_class) ?>">
<p class="<?php echo esc_attr($css_class) ?>">
<?php esc_html_e($no_display_type_selected)?>
</p>
\ No newline at end of file
......@@ -154,7 +154,7 @@ class A_NextGen_AddGallery_Ajax extends Mixin
if ($dir = urldecode($this->param('dir'))) {
$fs = C_Fs::get_instance();
$root = $this->get_import_root_abspath();
if ($dir != '.' && $dir != '..') {
if (!(strpos($dir, '.') === 0 || strpos($dir, '/.') === 0 || strpos($dir, '\\.') === 0)) {
$browse_path = $fs->join_paths($root, $dir);
if (@file_exists($browse_path)) {
$files = scandir($browse_path);
......
......@@ -315,7 +315,7 @@ class Mixin_Form_Field_Generators extends Mixin
{
$hidden = !(isset($display_type->settings['override_thumbnail_settings']) ? $display_type->settings['override_thumbnail_settings'] : FALSE);
$override_field = $this->_render_radio_field($display_type, 'override_thumbnail_settings', __('Override thumbnail settings', 'nggallery'), isset($display_type->settings['override_thumbnail_settings']) ? $display_type->settings['override_thumbnail_settings'] : FALSE, __('This does not affect existing thumbnails; overriding the thumbnail settings will create an additional set of thumbnails. To change the size of existing thumbnails please visit \'Manage Galleries\' and choose \'Create new thumbnails\' for all images in the gallery.', 'nggallery'));
$dimensions_field = $this->object->render_partial('photocrati-nextgen_admin#field_generator/thumbnail_settings', array('display_type_name' => $display_type->name, 'name' => 'thumbnail_dimensions', 'label' => __('Thumbnail dimensions', 'nggallery'), 'thumbnail_width' => isset($display_type->settings['thumbnail_width']) ? $display_type->settings['thumbnail_width'] : 0, 'thumbnail_height' => isset($display_type->settings['thumbnail_height']) ? $display_type->settings['thumbnail_height'] : 0, 'hidden' => $hidden ? 'hidden' : '', 'text' => ''), TRUE);
$dimensions_field = $this->object->render_partial('photocrati-nextgen_admin#field_generator/thumbnail_settings', array('display_type_name' => $display_type->name, 'name' => 'thumbnail_dimensions', 'label' => __('Thumbnail dimensions', 'nggallery'), 'thumbnail_width' => isset($display_type->settings['thumbnail_width']) ? intval($display_type->settings['thumbnail_width']) : 0, 'thumbnail_height' => isset($display_type->settings['thumbnail_height']) ? intval($display_type->settings['thumbnail_height']) : 0, 'hidden' => $hidden ? 'hidden' : '', 'text' => ''), TRUE);
/*
$qualities = array();
for ($i = 100; $i > 40; $i -= 5) { $qualities[$i] = "{$i}%"; }
......
<h3 class="accordion_tab" id="<?php esc_attr_e($id) ?>"><a href="#"><?php esc_html_e($title) ?></a></h3>
<div id="<?php esc_attr_e($id) ?>_content">
<h3 class="accordion_tab" id="<?php echo esc_attr($id) ?>"><a href="#"><?php echo esc_html($title) ?></a></h3>
<div id="<?php echo esc_attr($id) ?>_content">
<?php echo $content ?>
</div>
\ No newline at end of file
<div data-notification-name="<?php esc_attr_e($notice_name)?>" class="ngg_admin_notice <?php esc_attr_e($css_class)?>">
<div data-notification-name="<?php echo esc_attr($notice_name)?>" class="ngg_admin_notice <?php echo esc_attr($css_class)?>">
<p><?php echo $html ?></p>
<?php if ($is_dismissable): ?>
<p><a class='dismiss' href="#"><?php esc_html_e(__('Dismiss', 'nggallery')) ?></a></p>
......
......@@ -2,17 +2,17 @@
<td>
<label for="<?php echo esc_attr($display_type_name) ?>_gallery_display_type"
class="tooltip"
title="<?php esc_attr_e($gallery_display_type_help)?>">
title="<?php echo esc_attr($gallery_display_type_help)?>">
<?php esc_html_e($gallery_display_type_label)?>
</label>
</td>
<td>
<select
style="width: 400px"
id="<?php esc_attr_e($display_type_name) ?>_gallery_display_type"
name="<?php esc_attr_e($display_type_name)?>[gallery_display_type]">
id="<?php echo esc_attr($display_type_name) ?>_gallery_display_type"
name="<?php echo esc_attr($display_type_name)?>[gallery_display_type]">
<?php foreach ($display_types as $display_type): ?>
<option value="<?php esc_attr_e($display_type->name) ?>"
<option value="<?php echo esc_attr($display_type->name) ?>"
<?php selected($display_type->name, $gallery_display_type) ?>>
<?php esc_html_e(__($display_type->title, 'nggallery')); ?>
</option>
......
......@@ -3,11 +3,11 @@
<?php if ($show_thumbnail_link) { ?>
<!-- Thumbnails Link -->
<div class="slideshowlink">
<a href='<?php esc_attr_e($thumbnail_link); ?>'><?php esc_html_e($thumbnail_link_text); ?></a>
<a href='<?php echo esc_attr($thumbnail_link); ?>'><?php esc_html_e($thumbnail_link_text); ?></a>
</div>
<?php } ?>
<div class="ngg-slideshow-image-list ngg-slideshow-nojs" id="<?php esc_attr_e($anchor); ?>-image-list">
<div class="ngg-slideshow-image-list ngg-slideshow-nojs" id="<?php echo esc_attr($anchor); ?>-image-list">
<?php
$this->include_template('photocrati-nextgen_gallery_display#list/before');
for ($i = 0; $i < count($images); $i++) {
......@@ -67,26 +67,26 @@
</div>
<?php $this->include_template('photocrati-nextgen_gallery_display#container/before'); ?>
<div class="ngg-galleryoverview ngg-slideshow"
id="<?php esc_attr_e($anchor); ?>"
id="<?php echo esc_attr($anchor); ?>"
data-placeholder="<?php echo nextgen_esc_url($placeholder); ?>"
style="max-width: <?php esc_attr_e($gallery_width); ?>px; max-height: <?php esc_attr_e($gallery_height); ?>px;">
style="max-width: <?php echo esc_attr($gallery_width); ?>px; max-height: <?php echo esc_attr($gallery_height); ?>px;">
<div class="ngg-slideshow-loader"
id="<?php esc_attr_e($anchor); ?>-loader"
style="width: <?php esc_attr_e($gallery_width); ?>px; height: <?php esc_attr_e($gallery_height); ?>px;">
<img src="<?php esc_attr_e(NGGALLERY_URLPATH); ?>images/loader.gif" alt=""/>
id="<?php echo esc_attr($anchor); ?>-loader"
style="width: <?php echo esc_attr($gallery_width); ?>px; height: <?php echo esc_attr($gallery_height); ?>px;">
<img src="<?php echo esc_attr(NGGALLERY_URLPATH); ?>images/loader.gif" alt=""/>
</div>
</div>
<?php $this->include_template('photocrati-nextgen_gallery_display#container/after'); ?>
<script type="text/javascript">
jQuery('#<?php esc_attr_e($anchor); ?>-image-list').hide().removeClass('ngg-slideshow-nojs');
jQuery('#<?php echo esc_attr($anchor); ?>-image-list').hide().removeClass('ngg-slideshow-nojs');
jQuery(function($) {
jQuery('#<?php esc_attr_e($anchor); ?>').nggShowSlideshow({
id: '<?php esc_attr_e($displayed_gallery_id); ?>',
fx: '<?php esc_attr_e($cycle_effect); ?>',
width: <?php esc_attr_e($gallery_width); ?>,
height: <?php esc_attr_e($gallery_height); ?>,
domain: '<?php esc_attr_e(trailingslashit(home_url())); ?>',
timeout: <?php esc_attr_e(intval($cycle_interval) * 1000); ?>
jQuery('#<?php echo esc_attr($anchor); ?>').nggShowSlideshow({
id: '<?php echo esc_attr($displayed_gallery_id); ?>',
fx: '<?php echo esc_attr($cycle_effect); ?>',
width: <?php echo esc_attr($gallery_width); ?>,
height: <?php echo esc_attr($gallery_height); ?>,
domain: '<?php echo esc_attr(trailingslashit(home_url())); ?>',
timeout: <?php echo esc_attr(intval($cycle_interval) * 1000); ?>
});
});
</script>
......
......@@ -5,11 +5,11 @@ $this->start_element('nextgen_gallery.gallery_container', 'container', $displaye
?>
<div
class="ngg-galleryoverview<?php if (!intval($ajax_pagination)) echo ' ngg-ajax-pagination-none'; ?>"
id="ngg-gallery-<?php esc_attr_e($displayed_gallery_id)?>-<?php esc_attr_e($current_page)?>">
id="ngg-gallery-<?php echo esc_attr($displayed_gallery_id)?>-<?php echo esc_attr($current_page)?>">
<?php if (!empty($slideshow_link)): ?>
<div class="slideshowlink">
<a href='<?php esc_attr_e($slideshow_link) ?>'><?php echo $slideshow_link_text ?></a>
<a href='<?php echo esc_attr($slideshow_link) ?>'><?php echo $slideshow_link_text ?></a>
</div>
<?php endif ?>
......
......@@ -14,7 +14,7 @@
<option></option>
<?php foreach ($templates as $file => $label): ?>
<?php if ($file && $label): ?>
<option value="<?php echo $file; ?>" <?php selected($chosen_file, $file, TRUE); ?>><?php esc_html_e($label); ?></option>
<option value="<?php echo esc_attr($file) ?>" <?php selected($chosen_file, $file, TRUE); ?>><?php esc_html_e($label); ?></option>
<?php endif ?>
<?php endforeach ?>
</select>
......
......@@ -1086,6 +1086,10 @@ class Mixin_GalleryStorage_Driver_Base extends Mixin
$filename = str_replace($match[0], '.' . $match[1], $filename);
}
$abs_filename = implode(DIRECTORY_SEPARATOR, array($upload_dir, $filename));
// Ensure that the filename is valid
if (!preg_match('/(png|jpeg|jpg|gif)$/i', $abs_filename)) {
throw new E_UploadException(__('Invalid image file. Acceptable formats: JPG, GIF, and PNG.', 'nggallery'));
}
// Prevent duplicate filenames: check if the filename exists and
// begin appending '-i' until we find an open slot
if (!ini_get('safe_mode') && @file_exists($abs_filename) && !$override) {
......@@ -1181,24 +1185,27 @@ class Mixin_GalleryStorage_Driver_Base extends Mixin
if (@file_exists($abspath)) {
$fs = C_Fs::get_instance();
// Ensure that this folder has images
$files_all = scandir($abspath);
// Ensure that this folder has images
$i = 0;
$files = array();
// first perform some filtering on file list
foreach ($files_all as $file) {
foreach (scandir($abspath) as $file) {
if ($file == '.' || $file == '..') {
continue;
}
if ($this->object->is_image_file($fs->join_paths($abspath, $file))) {
$files[] = $file;
$file_abspath = $fs->join_paths($abspath, $file);
// The first directory is considered valid
if (is_dir($file_abspath) && $i === 0) {
$files[] = $file_abspath;
} elseif ($this->is_image_file($file_abspath)) {
$files[] = $file_abspath;
}
}
if (!empty($files)) {
// Get needed utilities
$gallery_mapper = C_Gallery_Mapper::get_instance();
// Sometimes users try importing a directory, which actually has all images under another directory
$first_file_abspath = $fs->join_paths($abspath, $files[0]);
if (is_dir($first_file_abspath) && count($files) == 1) {
return $this->import_gallery_from_fs($first_file_abspath, $gallery_id, $move_files);
if (is_dir($files[0])) {
return $this->import_gallery_from_fs($files[0], $gallery_id, $move_files);
}
// If no gallery has been specified, then use the directory name as the gallery name
if (!$gallery_id) {
......@@ -1215,14 +1222,13 @@ class Mixin_GalleryStorage_Driver_Base extends Mixin
// Ensure that we have a gallery id
if ($gallery_id) {
$retval = array('gallery_id' => $gallery_id, 'image_ids' => array());
foreach ($files as $file) {
if (!preg_match('/\\.(jpg|jpeg|gif|png)$/i', $file)) {
foreach ($files as $file_abspath) {
if (!preg_match('/\\.(jpg|jpeg|gif|png)$/i', $file_abspath)) {
continue;
}
$file_abspath = $fs->join_paths($abspath, $file);
$image = null;
if ($move_files) {
$image = $this->object->upload_base64_image($gallery_id, file_get_contents($file_abspath), str_replace(' ', '_', $file));
$image = $this->object->upload_base64_image($gallery_id, file_get_contents($file_abspath), str_replace(' ', '_', M_I18n::mb_basename($file_abspath)));
} else {
// Create the database record ... TODO cleanup, some duplication here from upload_base64_image
$factory = C_Component_Factory::get_instance();
......@@ -2923,6 +2929,10 @@ class Mixin_NggLegacy_GalleryStorage_Driver extends Mixin
$gallery = $this->object->_gallery_mapper->find($gallery);
}
}
// It just doesn't exist
if (!$gallery || is_numeric($gallery)) {
return $retval;
}
// We we have a gallery, determine it's path
if ($gallery) {
if (isset($gallery->path)) {
......@@ -3330,7 +3340,10 @@ class Mixin_NggLegacy_GalleryStorage_Driver extends Mixin
public function delete_gallery($gallery)
{
$retval = FALSE;
if ($abspath = $this->object->get_gallery_abspath($gallery)) {
$fs = C_Fs::get_instance();
$safe_dirs = array(DIRECTORY_SEPARATOR, $fs->get_document_root('plugins'), $fs->get_document_root('plugins_mu'), $fs->get_document_root('templates'), $fs->get_document_root('stylesheets'), $fs->get_document_root('content'), $fs->get_document_root('galleries'), $fs->get_document_root());
$abspath = $this->object->get_gallery_abspath($gallery);
if ($abspath && file_exists($abspath) && !in_array(stripslashes($abspath), $safe_dirs)) {
// delete the directory and everything in it
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($abspath), RecursiveIteratorIterator::CHILD_FIRST);
foreach ($iterator as $file) {
......
......@@ -4,4 +4,4 @@
$id = 'ngg-image-' . $index;
}
?>
<div id="<?php esc_attr_e($id) ?>" class="<?php esc_attr_e($class) ?>" <?php if (isset($image->style)) echo $image->style; ?>>
<div id="<?php echo esc_attr($id) ?>" class="<?php echo esc_attr($class) ?>" <?php if (isset($image->style)) echo $image->style; ?>>
......@@ -105,7 +105,7 @@
<?php for($i=100; $i>50; $i--): ?>
<option
<?php selected($i, $resized_image_quality) ?>
value="<?php esc_attr_e($i)?>"><?php esc_html_e($i) ?>%</option>
value="<?php echo esc_attr($i)?>"><?php esc_html_e($i) ?>%</option>
<?php endfor ?>
</select>
</div>
......
......@@ -22,7 +22,7 @@
</tr>
<?php foreach ($sub_fields as $name => $form) { ?>
<tbody class="lightbox_library_settings hidden" id="lightbox_library_<?php esc_attr_e($name); ?>">
<tbody class="lightbox_library_settings hidden" id="lightbox_library_<?php echo esc_attr($name); ?>">
<?php echo $form; ?>
</tbody>
<?php } ?>
......
......@@ -82,7 +82,7 @@
?>
<option
<?php selected($size, $size) ?>
value="<?php esc_attr_e($size)?>"><?php esc_html_e($size) ?></option>
value="<?php echo esc_attr($size)?>"><?php esc_html_e($size) ?></option>
<?php
}
?>
......
......@@ -55,13 +55,13 @@
name='watermark_options[wmXpos]'
placeholder='0'
min='0'
value='<?php echo $offset_x; ?>'/> /
value='<?php echo esc_attr($offset_x) ?>'/> /
<input type='number'
id='nextgen_settings_wmYpos'
name='watermark_options[wmYpos]'
placeholder='0'
min='0'
value='<?php echo $offset_y; ?>'/>
value='<?php echo esc_attr($offset_y) ?>'/>
<label for='nextgen_settings_wmYpos'>h</label>
</td>
</tr>
......
......@@ -10,12 +10,19 @@ function nggallery_manage_gallery_main() {
//Build the pagination for more than 25 galleries
$_GET['paged'] = isset($_GET['paged']) && ($_GET['paged'] > 0) ? absint($_GET['paged']) : 1;
$items_per_page = 25;
$items_per_page = apply_filters('ngg_manage_galleries_items_per_page', 25);
$start = ( $_GET['paged'] - 1 ) * $items_per_page;
$order = ( isset ( $_GET['order'] ) && $_GET['order'] == 'desc' ) ? 'DESC' : 'ASC';
$orderby = ( isset ( $_GET['orderby'] ) && ( in_array( $_GET['orderby'], array('gid', 'title', 'author') )) ) ? $_GET['orderby'] : 'gid';
if (!empty($_GET['order']) && in_array($_GET['order'], array('DESC', 'ASC')))
$order = $_GET['order'];
else
$order = apply_filters('ngg_manage_galleries_items_order', 'ASC');
if (!empty($_GET['orderby']) && in_array($_GET['orderby'], array('gid', 'title', 'author')))
$orderby = $_GET['orderby'];
else
$orderby = apply_filters('ngg_manage_galleries_items_orderby', 'gid');
$mapper = C_Gallery_Mapper::get_instance();
$total_number_of_galleries = $mapper->count();
......
......@@ -89,16 +89,16 @@ if (!is_null($nextgen_thumb_size_custom_style))
<input type="text"
size="5"
maxlength="5"
id='<?php echo $thumbnails_template_width_id; ?>'
name="<?php echo $thumbnails_template_width_name; ?>"
value="<?php echo $thumbnails_template_width_value; ?>"/>
id='<?php echo esc_attr($thumbnails_template_width_id); ?>'
name="<?php echo esc_attr($thumbnails_template_width_name); ?>"
value="<?php echo esc_attr($thumbnails_template_width_value); ?>"/>
x
<input type="text"
size="5"
maxlength="5"
id='<?php echo $thumbnails_template_height_id; ?>'
name="<?php echo $thumbnails_template_height_name; ?>"
value="<?php echo $thumbnails_template_height_value; ?>"/>
id='<?php echo esc_attr($thumbnails_template_height_id) ?>'
name="<?php echo esc_attr($thumbnails_template_height_name) ?>"
value="<?php echo esc_attr($thumbnails_template_height_value) ?>"/>
<br/>
<small><?php _e('These are maximum values', 'nggallery'); ?></small>
</span>
......@@ -674,10 +674,10 @@ class nggdb
if ($offset && $limit) $mapper->limit($limit, $offset);
// Add exclusion clause
if ($exclude) $mapper->where(array("exclude = 0"));
if ($exclude) $mapper->where(array("exclude = %d", 0));
// Add gallery clause
if ($galleryId) $mapper->where(array("galleryid = %d"), $galleryId);
if ($galleryId) $mapper->where(array("galleryid = %d", $galleryId));
return $mapper->run_query();
}
......
......@@ -2,8 +2,8 @@
Contributors: photocrati
Tags: nextgen, nextgen gallery, gallery, galleries, image, images, image gallery, photo, photos, photo gallery, picture, pictures, picture gallery, album, albums, photo albums, image album, media, media gallery, thumbnails, thumbnail gallery, thumbnail galleries, slideshow, slideshows, slideshow gallery, slideshow galleries, fancybox, lightbox, responsive, responsive gallery, responsive galleries, wordpress responsive gallery, nextcellent, wordpress gallery plugin, wordpress photo gallery plugin, wp gallery, wp gallery plugins, best gallery plugin, free photo gallery, singlepic, image captions imagebrowser, watermarks, watermarking, photography, photographer
Requires at least: 3.6.1
Stable tag: 2.1.15
Tested up to: 4.3.0
Stable tag: 2.1.7
License: GPLv2
The most popular WordPress gallery plugin and one of the most popular plugins of all time with over 13 million downloads.
......@@ -199,6 +199,25 @@ For more information, feel free to visit the official website for the NextGEN Ga
== Changelog ==
= V2.1.15 - 09.09.2015 =
* Secured: Image uploads
* Fixed: Don't use esc_attr_e() to prevent translation issues
* Fixed: Ensure that deleting a gallery doesn't delete anything it shouldn't
* Fixed: get_gallery_abspath() should return NULL if the path doesn't exist
= V2.1.13 - 09.09.2015 =
* Secured: Image uploads
* Fixed: Don't use esc_attr_e() to present translation issues
= V2.1.10 - 09.01.2015 =
* Secured: Escape output of parameters in templates to avoid XSS
= V2.1.9 - 08.25.2015 =
* NEW: Added ngg_manage_galleries_items_per_page filter
* NEW: Added ngg_manage_galleries_items_order filter
* NEW: ngg_manage_galleries_items_orderby
* Secured: Limit the ability to browse folders outside of NGG_IMPORT_ROOT
= V2.1.7 - 08.12.2015 =
* Changed: "Flush image cache" now removes images from the database w/o a gallery
* Changed: "Show Meta" popup: parse date_format through date_i18n()
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment