From a2d20a6f2cb4698e611920c97933b9c7dff28c8d Mon Sep 17 00:00:00 2001
From: lucha <lucha@paranoici.org>
Date: Sun, 21 Jan 2018 16:56:09 +0100
Subject: [PATCH] [auto] plugin: nextgen-gallery 2.2.33

---
 .../plugins/nextgen-gallery/changelog.txt     | 19 +++++++++++--
 .../plugins/nextgen-gallery/nggallery.php     | 21 ++++++++++++--
 .../pope/lib/class.extensibleobject.php       |  2 +-
 .../modules/fs/package.module.fs.php          | 28 ++++++-------------
 .../nextgen_admin/module.nextgen_admin.php    |  2 +-
 .../nextgen_data/module.nextgen_data.php      |  2 +-
 ...package.module.nextgen_gallery_display.php | 28 +++++++++++++++++--
 .../modules/widget/module.widget.php          | 11 ++++++--
 wp-content/plugins/nextgen-gallery/readme.txt | 23 ++++++++++++---
 9 files changed, 99 insertions(+), 37 deletions(-)

diff --git a/wp-content/plugins/nextgen-gallery/changelog.txt b/wp-content/plugins/nextgen-gallery/changelog.txt
index e0f7ee9ca..d024d52c5 100644
--- a/wp-content/plugins/nextgen-gallery/changelog.txt
+++ b/wp-content/plugins/nextgen-gallery/changelog.txt
@@ -1,9 +1,24 @@
 NextGEN Gallery
 by Imagely
 
+= V2.2.33 - 12.24.2017
+* Fixed:   Certain image attributes were not being validated correctly
+
+= V2.2.30 - 12.13.2017
+* Fixed:   Segfaults on PHP 7.2, 7.1.12, and 7.0.26.
+
+= V2.2.18 - 12.04.2017 =
+* NEW:     Include PHP 7.2.0 in the warning created by NextGen Gallery 2.2.16
+
+= V2.2.17 - 12.01.2017 =
+* NEW:     Include PHP 7.2-RCs in the warning created by NextGen Gallery 2.2.16
+
+= V2.2.16 - 11.30.2017 =
+* NEW:     Display an admin warning and disable NextGen Gallery when PHP 7.1.12 or 7.0.26 are in use
+
 = V2.2.14 - 09.18.2017 =
-* NEW:   EXIF and IPTC metadata are copied to new images when generating thumbnails, watermarks, or new sizes
-* Fixed: Metadata is read and preserved when "Resized images after upload" feature is enabled
+* NEW:     EXIF and IPTC metadata are copied to new images when generating thumbnails, watermarks, or new sizes
+* Fixed:   Metadata is read and preserved when "Resized images after upload" feature is enabled
 
 = V2.2.12 - 08.01.2017 =
 * Secured: Disabled Flash backend in plupload
diff --git a/wp-content/plugins/nextgen-gallery/nggallery.php b/wp-content/plugins/nextgen-gallery/nggallery.php
index 860855783..9d177cb05 100644
--- a/wp-content/plugins/nextgen-gallery/nggallery.php
+++ b/wp-content/plugins/nextgen-gallery/nggallery.php
@@ -4,7 +4,7 @@ if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('You
 /**
  * Plugin Name: NextGEN Gallery
  * Description: The most popular gallery plugin for WordPress and one of the most popular plugins of all time with over 18 million downloads.
- * Version: 2.2.14
+ * Version: 2.2.33
  * Author: Imagely
  * Plugin URI: https://www.imagely.com/wordpress-gallery-plugin/nextgen-gallery/
  * Author URI: https://www.imagely.com
@@ -138,8 +138,25 @@ class C_NextGEN_Bootstrap
 		return $trace;
 	}
 
+	public function php_version_incompatible()
+	{ ?>
+		<div class="notice notice-error is-dismissible">
+			<p><?php print __('We’ve detected you are running PHP versions 7.0.26 or 7.1.12. These versions of PHP have a bug that breaks NextGEN Gallery and causes server crashes in certain conditions. To protect your site, NextGEN Gallery will not load. We recommend asking your host to roll back to an earlier version of PHP. For details on the PHP bug, see: <a target="_blank" href="https://bugs.php.net/bug.php?id=75573">bugs.php.net/bug.php?id=75573</a>', 'nggallery'); ?></p>
+		</div>
+		<?php
+	}
+
 	function __construct()
 	{
+		// PHP versions 7.1.12, 7.0.26, and the 7.2-RC come with a bug that NextGen Gallery cannot workaround
+		// see: https://bugs.php.net/bug.php?id=75573
+		// Additionally 7.2.0 has an issue with NextGen's activation
+//		if (PHP_VERSION_ID === 70112 ||  PHP_VERSION_ID === 70026)
+//	   	{
+//			add_action('admin_notices', array($this, 'php_version_incompatible'));
+//			return;
+//		}
+
 		set_exception_handler(__CLASS__.'::shutdown');
 
 		// We only load the plugin if we're outside of the activation request, loaded in an iframe
@@ -644,7 +661,7 @@ class C_NextGEN_Bootstrap
 		define('NGG_PRODUCT_URL', path_join(str_replace("\\", '/', NGG_PLUGIN_URL), 'products'));
 		define('NGG_MODULE_URL', path_join(str_replace("\\", '/', NGG_PRODUCT_URL), 'photocrati_nextgen/modules'));
 		define('NGG_PLUGIN_STARTED_AT', microtime());
-		define('NGG_PLUGIN_VERSION', '2.2.14');
+		define('NGG_PLUGIN_VERSION', '2.2.33');
 
 		if (defined('SCRIPT_DEBUG') && SCRIPT_DEBUG)
 			define('NGG_SCRIPT_VERSION', (string)mt_rand(0, mt_getrandmax()));
diff --git a/wp-content/plugins/nextgen-gallery/pope/lib/class.extensibleobject.php b/wp-content/plugins/nextgen-gallery/pope/lib/class.extensibleobject.php
index 6368d21e4..de4ab4ee9 100755
--- a/wp-content/plugins/nextgen-gallery/pope/lib/class.extensibleobject.php
+++ b/wp-content/plugins/nextgen-gallery/pope/lib/class.extensibleobject.php
@@ -837,4 +837,4 @@ class Mixin extends PopeHelpers
     {
         return $this->object->$property;
     }
-}
\ No newline at end of file
+}
diff --git a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/fs/package.module.fs.php b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/fs/package.module.fs.php
index 7feca2302..3405aa7a3 100644
--- a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/fs/package.module.fs.php
+++ b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/fs/package.module.fs.php
@@ -252,30 +252,18 @@ class Mixin_Fs_Instance_Methods extends Mixin
         foreach ($segments as $segment) {
             $segment = trim($segment, "/\\");
             $pieces = array_values(preg_split('#[/\\\\]#', $segment));
-            // determine if each piece should be appended to $retval
-            foreach ($pieces as $ndx => $val) {
-                if ($val === '') {
-                    continue;
-                }
-                $one = array_search($val, $retval);
-                $two = array_search($val, $pieces);
-                $one = FALSE === $one ? 0 : count($one) + 1;
-                $two = FALSE === $two ? 0 : count($two) + 1;
-                if (!empty($protocol)) {
-                    $existing_val = isset($retval[$ndx]) ? $retval[$ndx] : NULL;
-                    if ($existing_val !== $val || $two >= $one) {
-                        $retval[] = $val;
-                    }
+            $segment = join(DIRECTORY_SEPARATOR, $pieces);
+            if (!$retval) {
+                $retval = $segment;
+            } else {
+                if (strpos($segment, $retval) !== FALSE) {
+                    $retval = $segment;
                 } else {
-                    $existing_val = isset($retval[$ndx]) ? $retval[$ndx] : NULL;
-                    if ($existing_val !== $val && $two >= $one) {
-                        $retval[] = $val;
-                    }
+                    $retval = $retval . DIRECTORY_SEPARATOR . $segment;
                 }
             }
         }
-        // Join the paths together
-        $retval = implode(DIRECTORY_SEPARATOR, $retval);
+        //		$retval = join(DIRECTORY_SEPARATOR, $retval);
         if (strpos($retval, $this->get_document_root()) !== 0 && strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') {
             $retval = DIRECTORY_SEPARATOR . trim($retval, "/\\");
         }
diff --git a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/module.nextgen_admin.php b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/module.nextgen_admin.php
index 7374f3595..ffd539dcf 100644
--- a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/module.nextgen_admin.php
+++ b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/module.nextgen_admin.php
@@ -101,6 +101,7 @@ class M_NextGen_Admin extends C_Base_Module
 	{
         // Register scripts
         add_action('init', array($this, 'register_scripts'), 9);
+        add_action('init', array($this, 'init_wizards'), 5);
 
 		// Provides menu options for managing NextGEN Settings
 		add_action('admin_menu', array($this, 'add_menu_pages'), 999);
@@ -496,7 +497,6 @@ class M_NextGen_Admin extends C_Base_Module
 
 	function initialize()
 	{
-		$this->init_wizards();
 	}
 
 	/**
diff --git a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/module.nextgen_data.php b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/module.nextgen_data.php
index 759e4db8c..dc47b4996 100644
--- a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/module.nextgen_data.php
+++ b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_data/module.nextgen_data.php
@@ -122,7 +122,7 @@ class M_NextGen_Data extends C_Base_Module
 			$retval = preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $retval );
 			$retval= preg_replace('/[\r\n\t ]+/', ' ', $retval);
 		}
-		$retval = preg_replace("/\\son[^\\s=]+=/", '', $retval);
+		$retval = preg_replace("/(\\s)?on[^\\s=]+=/", '', $retval);
 
 		return $retval;
 	}
diff --git a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php
index 2af60416c..31be559b4 100644
--- a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php
+++ b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php
@@ -170,6 +170,7 @@ class A_Gallery_Display_View extends Mixin
 class C_Display_Type extends C_DataMapper_Model
 {
     var $_mapper_interface = 'I_Display_Type_Mapper';
+    var $__settings = array();
     function define($properties = array(), $mapper = FALSE, $context = FALSE)
     {
         parent::define($mapper, $properties, $context);
@@ -200,13 +201,34 @@ class C_Display_Type extends C_DataMapper_Model
      */
     function &__get($property)
     {
-        if (isset($this->settings) && isset($this->settings[$property])) {
-            $retval =& $this->settings[$property];
-            return $retval;
+        if ($property == 'settings') {
+            if (isset($this->_stdObject->settings)) {
+                //$this->__settings = array_merge($this->_stdObject->settings, $this->__settings);
+            }
+            return $this->_stdObject->settings;
+        }
+        if (isset($this->_stdObject->settings[$property]) && $this->_stdObject->settings[$property] != NULL) {
+            return $this->_stdObject->settings[$property];
         } else {
             return parent::__get($property);
         }
     }
+    function &__set($property, $value)
+    {
+        if ($property == 'settings') {
+            $retval = $this->_stdObject->settings = $value;
+        } else {
+            $retval = $this->_stdObject->settings[$property] = $value;
+        }
+        return $retval;
+    }
+    function __isset($property_name)
+    {
+        if ($property_name == 'settings') {
+            return isset($this->_stdObject->settings);
+        }
+        return isset($this->_stdObject->settings[$property_name]) || parent::__isset($property_name);
+    }
 }
 class Mixin_Display_Type_Validation extends Mixin
 {
diff --git a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/widget/module.widget.php b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/widget/module.widget.php
index c73785e4c..32f9a4c5f 100644
--- a/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/widget/module.widget.php
+++ b/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/widget/module.widget.php
@@ -37,9 +37,14 @@ class M_Widget extends C_Base_Module
      */
     function _register_hooks()
     {
-         add_action('widgets_init', create_function('', 'return register_widget("C_Widget_Gallery");'));
-         add_action('widgets_init', create_function('', 'return register_widget("C_Widget_MediaRSS");'));
-         add_action('widgets_init', create_function('', 'return register_widget("C_Widget_Slideshow");'));
+    	add_action('widgets_init', array($this, 'register_widgets'));
+    }
+
+    function register_widgets()
+    {
+	    register_widget("C_Widget_Gallery");
+	    register_widget("C_Widget_MediaRSS");
+	    register_widget("C_Widget_Slideshow");
     }
 
     function get_type_list()
diff --git a/wp-content/plugins/nextgen-gallery/readme.txt b/wp-content/plugins/nextgen-gallery/readme.txt
index 6c72e5216..91a6ef4b5 100644
--- a/wp-content/plugins/nextgen-gallery/readme.txt
+++ b/wp-content/plugins/nextgen-gallery/readme.txt
@@ -2,8 +2,8 @@
 Contributors: photocrati, imagely
 Tags: wordpress gallery plugin, gallery, nextgen, nextgen gallery, photo gallery, image gallery, photography, slideshow, images, photo, photo album, watermark
 Requires at least: 4.0.0
-Stable tag: 2.3.0
-Tested up to: 4.8.1
+Stable tag: 2.2.33
+Tested up to: 4.9.1
 License: GPLv2
 
 The most popular WordPress gallery plugin and one of the most popular plugins of all time with over 18 million downloads.
@@ -187,9 +187,24 @@ For more information, feel free to visit the official website for the NextGEN Ga
 
 == Changelog ==
 
+= V2.2.33 - 12.24.2017
+* Fixed:   Certain image attributes were not being validated correctly
+
+= V2.2.30 - 12.13.2017
+* Fixed:   Segfaults on PHP 7.2, 7.1.12, and 7.0.26.
+
+= V2.2.18 - 12.04.2017 =
+* NEW:     Include PHP 7.2.0 in the warning created by NextGen Gallery 2.2.16
+
+= V2.2.17 - 12.01.2017 =
+* NEW:     Include PHP 7.2-RCs in the warning created by NextGen Gallery 2.2.16
+
+= V2.2.16 - 11.30.2017 =
+* NEW:     Display an admin warning and disable NextGen Gallery when PHP 7.1.12 or 7.0.26 are in use
+
 = V2.2.14 - 09.18.2017 =
-* NEW:   EXIF and IPTC metadata are copied to new images when generating thumbnails, watermarks, or new sizes
-* Fixed: Metadata is read and preserved when "Resized images after upload" feature is enabled
+* NEW:     EXIF and IPTC metadata are copied to new images when generating thumbnails, watermarks, or new sizes
+* Fixed:   Metadata is read and preserved when "Resized images after upload" feature is enabled
 
 = V2.2.12 - 08.01.2017 =
 * Secured: Disabled Flash backend in plupload
-- 
GitLab