Gallery Bank: WordPress Photo Gallery Plugin - Version 3.0.70

Version Description

  • Major Security Bug XSS Vulnerability Fixed related to Album Sorting

Release Info

Developer Gallery-Bank
Version 3.0.70

Code changes from version 3.0.69 to 3.0.70

gallery-bank.php CHANGED
@@ -4,7 +4,7 @@
4
  Plugin URI: http://tech-banker.com
5
  Description: Gallery Bank is an easy to use Responsive WordPress Gallery Plugin for photos, videos, galleries and albums.
6
  Author: Tech Banker
7
- Version: 3.0.69
8
  Author URI: http://tech-banker.com
9
  */
10
  ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
4
  Plugin URI: http://tech-banker.com
5
  Description: Gallery Bank is an easy to use Responsive WordPress Gallery Plugin for photos, videos, galleries and albums.
6
  Author: Tech Banker
7
+ Version: 3.0.70
8
  Author URI: http://tech-banker.com
9
  */
10
  ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link : http://tech-banker.com/gallery-bank/
4
  Tags: admin, AJAX, album, albums, best gallery, best gallery plugin, best portfolio, best portfolio plugin, bilder, comments, easy media gallery, fancy gallery, filterable gallery, filterable portfolio, flash, foto, fotoalbum, galerie, galerij, Galleria, gallery, gallery album, gallery bank, gallery image, Gallery Plugin, gallery wordpress plugin, google, grid gallery, html5 player, html5 video, html5-audio, image, image album, image rotate, image slider, image slideshow, images, jquery, jquery gallery, jquery slider, jquery slideshow, lightbox, links, media, modal, multiple pictures, nextgen, nextgen gallery, page, pagination gallery, pagination portfolio, photo, photo album, photo albums, photo gallery, Photo Slider, photoalbum, photogallery, photos, picture, pictures, plugin, plugin for gallery, plugin gallery, portfolio, portfolio gallery, portfolio wordpress plugin, Post, posts, responsive gallery, responsive slider, responsive slideshow, seo, seo image, shortcode, sidebar, slideshow, thumbnail, thumbnails, twitter, videos, website gallery, widget, wordpress gallery plugin, wordpress portfolio plugin, wp gallery, wp gallery plugin, wp slider
5
  Requires at least: 3.3
6
  Tested up to: 4.0
7
- Stable tag: 3.0.69
8
  License: GPLv3 or later
9
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
10
 
@@ -53,7 +53,7 @@ It provides a powerful engine for uploading and managing galleries of images & v
53
 
54
  Gallery Bank is designed to adapt each portfolio to any situation and can be easily used on mobiles as it is a Responsive Plugin.
55
 
56
- ***October 6, 2014: We're happy to announce that Gallery Bank reached 197,200+ plugin downloads in only 1.5 year. We frequently receive positive feedback from people using our Gallery Bank Plugin for WordPress. Thanks so much for your support!***
57
 
58
  <a href="http://tech-banker.com/forum/gallery-bank-support/" target="_blank">Support Desk - feel free to ask your Queries</a>
59
 
@@ -502,7 +502,11 @@ is False in shortcode.
502
 
503
  == Changelog ==
504
 
505
- = 3.0.67 =
 
 
 
 
506
 
507
  * Updated Existing Language - Romanian
508
  * Updated Existing Language - Indonesian
4
  Tags: admin, AJAX, album, albums, best gallery, best gallery plugin, best portfolio, best portfolio plugin, bilder, comments, easy media gallery, fancy gallery, filterable gallery, filterable portfolio, flash, foto, fotoalbum, galerie, galerij, Galleria, gallery, gallery album, gallery bank, gallery image, Gallery Plugin, gallery wordpress plugin, google, grid gallery, html5 player, html5 video, html5-audio, image, image album, image rotate, image slider, image slideshow, images, jquery, jquery gallery, jquery slider, jquery slideshow, lightbox, links, media, modal, multiple pictures, nextgen, nextgen gallery, page, pagination gallery, pagination portfolio, photo, photo album, photo albums, photo gallery, Photo Slider, photoalbum, photogallery, photos, picture, pictures, plugin, plugin for gallery, plugin gallery, portfolio, portfolio gallery, portfolio wordpress plugin, Post, posts, responsive gallery, responsive slider, responsive slideshow, seo, seo image, shortcode, sidebar, slideshow, thumbnail, thumbnails, twitter, videos, website gallery, widget, wordpress gallery plugin, wordpress portfolio plugin, wp gallery, wp gallery plugin, wp slider
5
  Requires at least: 3.3
6
  Tested up to: 4.0
7
+ Stable tag: 3.0.70
8
  License: GPLv3 or later
9
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
10
 
53
 
54
  Gallery Bank is designed to adapt each portfolio to any situation and can be easily used on mobiles as it is a Responsive Plugin.
55
 
56
+ ***October 11, 2014: We're happy to announce that Gallery Bank reached 199,700+ plugin downloads in only 1.5 year. We frequently receive positive feedback from people using our Gallery Bank Plugin for WordPress. Thanks so much for your support!***
57
 
58
  <a href="http://tech-banker.com/forum/gallery-bank-support/" target="_blank">Support Desk - feel free to ask your Queries</a>
59
 
502
 
503
  == Changelog ==
504
 
505
+ = 3.0.70 =
506
+
507
+ * Major Security Bug XSS Vulnerability Fixed related to Album Sorting
508
+
509
+ = 3.0.69 =
510
 
511
  * Updated Existing Language - Romanian
512
  * Updated Existing Language - Indonesian
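Review bot: the new 3.0.70 changelog entry names only Album Sorting, but this release applies the same order_id change to views/images-sorting.php, so the entry should cover image sorting as well and say which versions are affected so site owners can judge their exposure. The hunk also relabels the existing heading from = 3.0.67 = to = 3.0.69 =; confirm that the renumbering is intended, since it changes which release the Romanian and Indonesian language updates are attributed to.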
views/album-sorting.php CHANGED
@@ -26,7 +26,7 @@ else
26
  }
27
 
28
  if (isset($_REQUEST["order_id"])) {
29
- switch ($_REQUEST["order_id"]) {
30
  case "unsort":
31
  $album = $wpdb->get_results
32
  (
@@ -75,6 +75,8 @@ else
75
  (
76
  "SELECT * FROM " . gallery_bank_settings()
77
  );
 
 
78
  if (count($album_css) != 0)
79
  {
80
  $setting_keys = array();
@@ -255,6 +257,9 @@ else
255
  </div>
256
  </div>
257
  </form>
 
 
 
258
  <script type="text/javascript">
259
  jQuery(".imgLiquidFill").imgLiquid({fill: true});
260
  jQuery(document).ready(function () {
26
  }
27
 
28
  if (isset($_REQUEST["order_id"])) {
29
+ switch (esc_attr($_REQUEST["order_id"])) {
30
  case "unsort":
31
  $album = $wpdb->get_results
32
  (
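Review bot: esc_attr() on the switch subject at new line 29 is output escaping for an HTML attribute context, not input validation, and nothing in this hunk shows where order_id reaches the page. The switch only compares the value against fixed case labels, and a value like "unsort" passes through esc_attr() unchanged, so the wrapper does not alter which branch runs. Validate order_id against the list of accepted keywords before the switch and reject anything else, and apply esc_attr() or esc_html() at the point where the value is actually echoed.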
75
  (
76
  "SELECT * FROM " . gallery_bank_settings()
77
  );
78
+ if(isset($album))
79
+ {
80
  if (count($album_css) != 0)
81
  {
82
  $setting_keys = array();
257
  </div>
258
  </div>
259
  </form>
260
+ <?php
261
+ }
262
+ ?>
263
  <script type="text/javascript">
264
  jQuery(".imgLiquidFill").imgLiquid({fill: true});
265
  jQuery(document).ready(function () {
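Review bot: the if(isset($album)) guard opened at new line 78 closes at line 261, after </form> but before the <script> block, so when $album was never assigned the page skips the form yet still emits jQuery(".imgLiquidFill").imgLiquid(...) and the ready handler against markup that is not there. The settings query on lines 76 to 77 also runs before the guard. Handling an unmatched order_id explicitly, for example with a default branch or an early return that prints an admin notice, would be clearer than wrapping the rest of the template, and would keep the script from being sent on its own.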
views/images-sorting.php CHANGED
@@ -22,7 +22,7 @@
22
  $album_id = intval($_REQUEST["album_id"]);
23
  $img_in_row = intval($_REQUEST["row"]);
24
  if (isset($_REQUEST["order_id"])) {
25
- switch ($_REQUEST["order_id"]) {
26
  case "unsort":
27
  $pics_order = $wpdb->get_results
28
  (
@@ -117,6 +117,8 @@
117
  (
118
  "SELECT * FROM " . gallery_bank_settings()
119
  );
 
 
120
  if (count($album_css) != 0)
121
  {
122
  $setting_keys = array();
@@ -288,6 +290,9 @@
288
  </div>
289
  </div>
290
  </form>
 
 
 
291
  <script type="text/javascript">
292
  jQuery(document).ready(function () {
293
  jQuery(".sort").sortable
22
  $album_id = intval($_REQUEST["album_id"]);
23
  $img_in_row = intval($_REQUEST["row"]);
24
  if (isset($_REQUEST["order_id"])) {
25
+ switch (esc_attr($_REQUEST["order_id"])) {
26
  case "unsort":
27
  $pics_order = $wpdb->get_results
28
  (
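Review bot: order_id at new line 25 is still the only request parameter in this block without type or value validation; album_id and row on lines 22 and 23 are forced through intval(), while order_id gets esc_attr(), which encodes HTML special characters but accepts any string. Because the value only selects a case label, normalise it with sanitize_key() and check it against the accepted labels before the switch. The identical one-line change appears in views/album-sorting.php, so a shared helper for reading order_id would keep the two views from drifting apart.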
117
  (
118
  "SELECT * FROM " . gallery_bank_settings()
119
  );
120
+ if(isset($pics_order))
121
+ {
122
  if (count($album_css) != 0)
123
  {
124
  $setting_keys = array();
290
  </div>
291
  </div>
292
  </form>
293
+ <?php
294
+ }
295
+ ?>
296
  <script type="text/javascript">
297
  jQuery(document).ready(function () {
298
  jQuery(".sort").sortable
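Review bot: the brace opened by if(isset($pics_order)) at new line 120 is closed about 170 lines later by a bare <?php } ?> island at lines 293 to 295, so the pairing is easy to break in a later edit of the template. The alternative syntax, if (isset($pics_order)): with a matching endif;, or at least a comment on the closing brace naming the condition, would make the block boundary visible. The spacing in if( also differs from the if ( used on the very next line.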