Easy FancyBox - Version 1.8.18

Version Description

Fix Jetpack Tiled Gallery compat + security issue reported by Jakob Hagl sba-research.org

Release Info

Developer	deployer
Plugin	Easy FancyBox
Version	1.8.18
Comparing to
See all releases

Code changes from version 1.8.17 to 1.8.18

Files changed (52) hide show

easy-fancybox.php +2 -2
images/blank.gif +0 -0
images/fancy_close.png +0 -0
images/fancy_loading.png +0 -0
images/fancy_nav_left.png +0 -0
images/fancy_nav_right.png +0 -0
images/fancy_shadow_e.png +0 -0
images/fancy_shadow_n.png +0 -0
images/fancy_shadow_ne.png +0 -0
images/fancy_shadow_nw.png +0 -0
images/fancy_shadow_s.png +0 -0
images/fancy_shadow_se.png +0 -0
images/fancy_shadow_sw.png +0 -0
images/fancy_shadow_w.png +0 -0
images/fancy_title_left.png +0 -0
images/fancy_title_main.png +0 -0
images/fancy_title_over.png +0 -0
images/fancy_title_right.png +0 -0
images/fancybox-x.png +0 -0
images/fancybox-y.png +0 -0
images/fancybox.png +0 -0
images/light-mask.png +0 -0
inc/class-easyfancybox-admin.php +7 -11
inc/class-easyfancybox.php +2 -2
inc/easyfancybox-options.php +5 -35
languages/easy-fancybox-cs_CZ.mo +0 -0
languages/easy-fancybox-cs_CZ.po +0 -0
languages/easy-fancybox-es_ES.mo +0 -0
languages/easy-fancybox-es_ES.po +0 -0
languages/easy-fancybox-fa_IR.mo +0 -0
languages/easy-fancybox-fa_IR.po +0 -0
languages/easy-fancybox-fr_FR.mo +0 -0
languages/easy-fancybox-fr_FR.po +0 -0
languages/easy-fancybox-hi_IN.mo +0 -0
languages/easy-fancybox-hi_IN.po +0 -0
languages/easy-fancybox-hr.mo +0 -0
languages/easy-fancybox-hr.po +0 -0
languages/easy-fancybox-id_ID.mo +0 -0
languages/easy-fancybox-id_ID.po +0 -0
languages/easy-fancybox-lt_LT.mo +0 -0
languages/easy-fancybox-lt_LT.po +0 -0
languages/easy-fancybox-pl_PL.mo +0 -0
languages/easy-fancybox-pl_PL.po +0 -0
languages/easy-fancybox-ro_RO.po +0 -0
languages/easy-fancybox-sr_RS.mo +0 -0
languages/easy-fancybox-sr_RS.po +0 -0
languages/easy-fancybox-tr_TR.mo +0 -0
languages/easy-fancybox-tr_TR.po +0 -0
languages/easy-fancybox-ua_UA.mo +0 -0
languages/easy-fancybox-ua_UA.po +0 -0
languages/instructions.txt +0 -0
readme.txt +5 -3

easy-fancybox.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: http://status301.net/wordpress-plugins/easy-fancybox/
5	Description: Easily enable the <a href="http://fancybox.net/">FancyBox jQuery extension</a> on all image, SWF, PDF, YouTube, Dailymotion and Vimeo links. Also supports iFrame and inline content.
6	Text Domain: easy-fancybox
7	Domain Path: languages
8	- Version: 1.8.17
9	Author: RavanH
10	Author URI: http://status301.net/
11	*/
	@@ -37,7 +37,7 @@ if ( ! defined( 'ABSPATH' ) ) exit;
37	* CONSTANTS
38	**************/
39
40	- define( 'EASY_FANCYBOX_VERSION', '1.8.17' );
41	define( 'FANCYBOX_VERSION', '1.3.24' );
42	define( 'MOUSEWHEEL_VERSION', '3.1.13' );
43	define( 'EASING_VERSION', '1.4.1' );


5	Description: Easily enable the <a href="http://fancybox.net/">FancyBox jQuery extension</a> on all image, SWF, PDF, YouTube, Dailymotion and Vimeo links. Also supports iFrame and inline content.
6	Text Domain: easy-fancybox
7	Domain Path: languages
8	+ Version: 1.8.18
9	Author: RavanH
10	Author URI: http://status301.net/
11	*/

37	* CONSTANTS
38	**************/
39
40	+ define( 'EASY_FANCYBOX_VERSION', '1.8.18' );
41	define( 'FANCYBOX_VERSION', '1.3.24' );
42	define( 'MOUSEWHEEL_VERSION', '3.1.13' );
43	define( 'EASING_VERSION', '1.4.1' );

images/blank.gif CHANGED Viewed

File without changes

images/fancy_close.png CHANGED Viewed

File without changes

images/fancy_loading.png CHANGED Viewed

File without changes

images/fancy_nav_left.png CHANGED Viewed

File without changes

images/fancy_nav_right.png CHANGED Viewed

File without changes

images/fancy_shadow_e.png CHANGED Viewed

File without changes

images/fancy_shadow_n.png CHANGED Viewed

File without changes

images/fancy_shadow_ne.png CHANGED Viewed

File without changes

images/fancy_shadow_nw.png CHANGED Viewed

File without changes

images/fancy_shadow_s.png CHANGED Viewed

File without changes

images/fancy_shadow_se.png CHANGED Viewed

File without changes

images/fancy_shadow_sw.png CHANGED Viewed

File without changes

images/fancy_shadow_w.png CHANGED Viewed

File without changes

images/fancy_title_left.png CHANGED Viewed

File without changes

images/fancy_title_main.png CHANGED Viewed

File without changes

images/fancy_title_over.png CHANGED Viewed

File without changes

images/fancy_title_right.png CHANGED Viewed

File without changes

images/fancybox-x.png CHANGED Viewed

File without changes

images/fancybox-y.png CHANGED Viewed

File without changes

images/fancybox.png CHANGED Viewed

File without changes

images/light-mask.png CHANGED Viewed

File without changes

inc/class-easyfancybox-admin.php CHANGED Viewed

	@@ -209,7 +209,7 @@ class easyFancyBox_Admin extends easyFancyBox {
209	* Santize Callbacks
210	*/
211
212	- public static function intval($setting = '')
213	{
214	if ($setting == '')
215	return '';
	@@ -225,18 +225,14 @@ class easyFancyBox_Admin extends easyFancyBox {
225	return ( $val != 0 ) ? $val.$prc : 0;
226	}
227
228	- public static function colorval($setting = '') {
229	- if ~~($setting~~ == ~~'')~~
230	- ~~return~~ '';
231	-
232	- if (substr($setting, 0, 1) == '#')
233	- if ( ctype_xdigit(substr($setting, 1)) )
234	- return $setting;
235
236	- if ~~(ctype_xdigit($setting))~~
237	- ~~return~~ '#'.$setting;
238
239	- return $~~setting~~;
240	}
241
242	/***********************


209	* Santize Callbacks
210	*/
211
212	+ public static function intval( $setting = '' )
213	{
214	if ($setting == '')
215	return '';

225	return ( $val != 0 ) ? $val.$prc : 0;
226	}
227
228	+ public static function colorval( $setting = '' ) {
229	+ // strip possible # to prepare for sanitizing
230	+ $setting = substr($setting, 0, 1) == '#' ? substr($setting, 1) : $setting;




231
232	+ // only allow hex values or empty string
233	+ $sanitized = ctype_xdigit($setting) ? '#'.$setting : '';
234
235	+ return $sanitized;
236	}
237
238	/***********************

inc/class-easyfancybox.php CHANGED Viewed

	@@ -276,7 +276,7 @@ var easy_fancybox_auto=function(){setTimeout(function(){jQuery(\'a[class*="'.$tr
276	$styles .= '#fancybox-title,#fancybox-title-float-main{color:'.$titleColor.'}';
277
278	if ( !empty($styles) )
279	- self::$inline_style = $styles;
280
281	// running our IE alphaimageloader relative path styles here
282	if ( isset($compatIE8) && 'true' == $compatIE8 ) {
	@@ -431,7 +431,7 @@ var easy_fancybox_auto=function(){setTimeout(function(){jQuery(\'a[class*="'.$tr
431	{
432	if ( !$old_version ) { // upgrade from 1.7 or older
433	if ( 'html' === get_option('fancybox_PDFclassType') ) {
434	- update_option('fancybox_PDFonStart', 'function(~~selectedArray~~,~~selectedIndex~~,~~selectedOpts~~){~~selectedOpts~~.type=\'pdf\';}');
435	delete_option('fancybox_PDFclassType');
436	}
437	}


276	$styles .= '#fancybox-title,#fancybox-title-float-main{color:'.$titleColor.'}';
277
278	if ( !empty($styles) )
279	+ self::$inline_style = wp_strip_all_tags( $styles, true );
280
281	// running our IE alphaimageloader relative path styles here
282	if ( isset($compatIE8) && 'true' == $compatIE8 ) {

431	{
432	if ( !$old_version ) { // upgrade from 1.7 or older
433	if ( 'html' === get_option('fancybox_PDFclassType') ) {
434	+ update_option('fancybox_PDFonStart', 'function(a,i,o){o.type=\'pdf\';}');
435	delete_option('fancybox_PDFclassType');
436	}
437	}

inc/easyfancybox-options.php CHANGED Viewed

	@@ -319,7 +319,7 @@ $efb_options = array (
319	'id' => 'fancybox_mouseWheel',
320	'hide' => true,
321	'input' => 'checkbox',
322	- 'default' => '1',
323	'description' => __('Include the Mousewheel jQuery extension script to allow gallery browsing by mousewheel action.','easy-fancybox')
324	)
325	)
	@@ -714,7 +714,7 @@ $efb_options = array (
714	'id' => 'fancybox_autoSelector',
715	'hide' => true,
716	'input' => 'hidden',
717	- 'default' => '.gallery,.wp-block-gallery,.tiled-gallery~~' // add div.~~tiled-gallery ~~for Tiled Galleries support~~
718	),
719	'onComplete' => array (
720	'id' => '',
	@@ -726,21 +726,7 @@ $efb_options = array (
726	),
727	'default' => '',
728	'description' => '<em><a href="'.$efb_url.'">' . __('Make available »','easy-fancybox') . '</a></em>'
729	- ),
730	- /* 'titleFormat' => array (
731	- 'id' => 'fancybox_titleFormat',
732	- 'title' => __('Title format','easy-fancybox'),
733	- 'label_for' => 'fancybox_titleFormat',
734	- 'input' => 'select',
735	- 'options' => array(
736	- '' => __('Default FancyBox style','easy-fancybox'),
737	- 'function(title, currentArray, currentIndex, currentOpts) { return \'<div style="font-face:Arial,sans-serif;text-align:left"><span style="float:right;font-size:large"><a href="javascript:;" onclick="$.fancybox.close();">' . __('Close','easy-fancybox') . ' <img src="' . plugins_url(FANCYBOX_SUBDIR, __FILE__) . '/fancybox/fancy_close.png" /></a></span>\' + (title && title.length ? \'<b style="display:block;margin-right:80px">\' + title + \'</b>\' : \'\' ) + \'' . __('Image','easy-fancybox') . '\' + (currentIndex + 1) + \' ' . __('of','easy-fancybox') . ' \' + currentArray.length + \'</div>\';
738	- }' => __('Mimic Lightbox2 style','easy-fancybox'),
739	- ),
740	- 'noquotes' => true,
741	- 'default' => '',
742	- 'description' => '<br />' . __('To improve Lightbox2 style disable Show close button and set titleposition to Inside or Outside','easy-fancybox') . '<br />'
743	- ),*/
744	)
745	),
746
	@@ -889,7 +875,7 @@ $efb_options = array (
889	'id' => 'fancybox_PDFonStart',
890	'noquotes' => true,
891	'title' => __('Embed with','easy-fancybox'),
892	- 'label_for' => '~~fancybox_PDFtitlePosition~~',
893	'input' => 'select',
894	'options' => array(
895	'function(a,i,o){o.type=\'pdf\';}' => __('Object tag (plus fall-back link)','easy-fancybox'),
	@@ -898,9 +884,7 @@ $efb_options = array (
898	'function(a,i,o){o.href=\'https://docs.google.com/viewer?embedded=true&url=\'+a[i].href;}' => __('Google Docs Viewer (external)','easy-fancybox')
899	),
900	'default' => '',
901	- // '~~function(a~~,~~i,o~~){o.~~content=\~~'~~<object~~ ~~data="\~~'~~+a[i]~~.~~href+\~~'" ~~type="application/pdf"~~ ~~height="100%"~~ ~~width="100%"><a~~ ~~href="\'+a[i]~~.~~href+\~~'~~" style="display:block;position:absolute;top:48%;width:100%;text~~-~~align:center">\~~'~~+jQuery(a[i]~~).~~html()+\~~'~~</a></object>\~~'}'
902	- // 'function(a, i, o) { o.content = \'<embed src="\' + a[i].href + \'#toolbar=1&navpanes=0&nameddest=self&page=1&view=FitH,0&zoom=80,0,0" type="application/pdf" height="100%" width="100%" />\' }'
903	- 'description' => __('Note:','easy-fancybox') . ' ' . __('External viewers have bandwidth, usage rate and and file size limits.','easy-fancybox') . '<br /><br />' //' <em><a href="'.$efb_url.'">' . __('More options »','easy-fancybox') . '</a></em><br /><br />'
904	),
905	'width' => array (
906	'id' => 'fancybox_PDFwidth',
	@@ -1526,20 +1510,6 @@ http://static.animoto.com/swf/w.swf?w=swf/vp1&f=Kf9POzQMSOGWyu41gtOtsw&i=m
1526	'type' => array (
1527	'default' => 'iframe'
1528	),
1529	- /* other than overflow:auto not supported on many browsers
1530	- 'scrolling' => array (
1531	- 'id' => 'fancybox_iFrameScrolling',
1532	- 'title' => __('Scrolling','easy-fancybox'),
1533	- 'label_for' => 'fancybox_iFrameScrolling',
1534	- 'input' => 'select',
1535	- 'options' => array(
1536	- 'auto' => __('Auto','easy-fancybox'),
1537	- 'yes' => __('Always','easy-fancybox'),
1538	- 'no' => __('Never','easy-fancybox')
1539	- ),
1540	- 'default' => 'auto',
1541	- 'description' => __('Define scrolling and scrollbar visibility.','easy-fancybox') . '<br />'
1542	- ),*/
1543	'width' => array (
1544	'id' => 'fancybox_iFramewidth',
1545	'title' => translate('Width'),


319	'id' => 'fancybox_mouseWheel',
320	'hide' => true,
321	'input' => 'checkbox',
322	+ 'default' => '',
323	'description' => __('Include the Mousewheel jQuery extension script to allow gallery browsing by mousewheel action.','easy-fancybox')
324	)
325	)

714	'id' => 'fancybox_autoSelector',
715	'hide' => true,
716	'input' => 'hidden',
717	+ 'default' => '.gallery,.wp-block-gallery,.tiled-gallery,.wp-block-jetpack-tiled-gallery'
718	),
719	'onComplete' => array (
720	'id' => '',

726	),
727	'default' => '',
728	'description' => '<em><a href="'.$efb_url.'">' . __('Make available »','easy-fancybox') . '</a></em>'
729	+ )














730	)
731	),
732

875	'id' => 'fancybox_PDFonStart',
876	'noquotes' => true,
877	'title' => __('Embed with','easy-fancybox'),
878	+ 'label_for' => 'fancybox_PDFonStart',
879	'input' => 'select',
880	'options' => array(
881	'function(a,i,o){o.type=\'pdf\';}' => __('Object tag (plus fall-back link)','easy-fancybox'),

884	'function(a,i,o){o.href=\'https://docs.google.com/viewer?embedded=true&url=\'+a[i].href;}' => __('Google Docs Viewer (external)','easy-fancybox')
885	),
886	'default' => '',
887	+ 'description' => __('Note:','easy-fancybox') . ' ' . __('External viewers have bandwidth, usage rate and and file size limits.','easy-fancybox') . '<br /><br />'


888	),
889	'width' => array (
890	'id' => 'fancybox_PDFwidth',

1510	'type' => array (
1511	'default' => 'iframe'
1512	),














1513	'width' => array (
1514	'id' => 'fancybox_iFramewidth',
1515	'title' => translate('Width'),

languages/easy-fancybox-cs_CZ.mo CHANGED Viewed

File without changes

languages/easy-fancybox-cs_CZ.po CHANGED Viewed

File without changes

languages/easy-fancybox-es_ES.mo CHANGED Viewed

File without changes

languages/easy-fancybox-es_ES.po CHANGED Viewed

File without changes

languages/easy-fancybox-fa_IR.mo CHANGED Viewed

File without changes

languages/easy-fancybox-fa_IR.po CHANGED Viewed

File without changes

languages/easy-fancybox-fr_FR.mo CHANGED Viewed

File without changes

languages/easy-fancybox-fr_FR.po CHANGED Viewed

File without changes

languages/easy-fancybox-hi_IN.mo CHANGED Viewed

File without changes

languages/easy-fancybox-hi_IN.po CHANGED Viewed

File without changes

languages/easy-fancybox-hr.mo CHANGED Viewed

File without changes

languages/easy-fancybox-hr.po CHANGED Viewed

File without changes

languages/easy-fancybox-id_ID.mo CHANGED Viewed

File without changes

languages/easy-fancybox-id_ID.po CHANGED Viewed

File without changes

languages/easy-fancybox-lt_LT.mo CHANGED Viewed

File without changes

languages/easy-fancybox-lt_LT.po CHANGED Viewed

File without changes

languages/easy-fancybox-pl_PL.mo CHANGED Viewed

File without changes

languages/easy-fancybox-pl_PL.po CHANGED Viewed

File without changes

languages/easy-fancybox-ro_RO.po CHANGED Viewed

File without changes

languages/easy-fancybox-sr_RS.mo CHANGED Viewed

File without changes

languages/easy-fancybox-sr_RS.po CHANGED Viewed

File without changes

languages/easy-fancybox-tr_TR.mo CHANGED Viewed

File without changes

languages/easy-fancybox-tr_TR.po CHANGED Viewed

File without changes

languages/easy-fancybox-ua_UA.mo CHANGED Viewed

File without changes

languages/easy-fancybox-ua_UA.po CHANGED Viewed

File without changes

languages/instructions.txt CHANGED Viewed

File without changes

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=ravan
4	Tags: fancybox, lightbox, gallery, image, photo, video, flash, overlay, youtube, vimeo, dailymotion, pdf, svg, iframe, swf, jquery, webp
5	Requires at least: 3.3
6	Tested up to: 5.2
7	- Stable tag: 1.8.17
8
9	Easily enable the FancyBox jQuery extension on just about all media links. Multi-Site compatible. Supports iFrame and Flash movies.
10
	@@ -493,8 +493,8 @@ If you still do not get to see your images in FancyBox, ask on the [Easy FancyBo
493
494	== Upgrade Notice ==
495
496	- = 1.8.17 =
497	- Fix compat ~~messages~~ ~~and~~ ~~links~~
498
499
500	== Changelog ==
	@@ -502,6 +502,8 @@ Fix compat messages and links
502	= 1.8.18 =
503	* FIX: Jetpack Tiled Gallery block compatibility
504	* Don't include mousewheel script by default


505
506	= 1.8.17 =
507	* Pro compatibility messages


4	Tags: fancybox, lightbox, gallery, image, photo, video, flash, overlay, youtube, vimeo, dailymotion, pdf, svg, iframe, swf, jquery, webp
5	Requires at least: 3.3
6	Tested up to: 5.2
7	+ Stable tag: 1.8.18
8
9	Easily enable the FancyBox jQuery extension on just about all media links. Multi-Site compatible. Supports iFrame and Flash movies.
10

493
494	== Upgrade Notice ==
495
496	+ = 1.8.18 =
497	+ Fix Jetpack Tiled Gallery compat + security issue reported by Jakob Hagl sba-research.org
498
499
500	== Changelog ==

502	= 1.8.18 =
503	* FIX: Jetpack Tiled Gallery block compatibility
504	* Don't include mousewheel script by default
505	+ * SECURITY FIX: failing color value sanitization, issue reported by Jakob Hagl sba-research.org, CVE-2019-16524
506	+ * NEW: inline styles output filter
507
508	= 1.8.17 =
509	* Pro compatibility messages