Version Description
- Fixed XSS security vulnerability - thanks to Ingo Chao @ingochao for reporting
- Replaced .live deprecated jQuery call in gantry-widgets.js
Download this release
Release Info
Developer | gantry |
Plugin | Gantry 4 Framework |
Version | 4.1.6 |
Comparing to | |
See all releases |
Code changes from version 4.1.5 to 4.1.6
- CHANGELOG.php +5 -1
- admin/forms/fields/imagepicker.php +1 -1
- admin/forms/fields/updater.php +1 -1
- admin/widgets/colorchooser/css/mooRainbow-2.0.css +1 -1
- admin/widgets/gantry-widgets.js +2 -2
- core/gantry.class.php +11 -10
- core/utilities/gantrycache.class.php +2 -2
- functions.php +1 -1
- gantry.php +1 -1
- gizmos/searchhighlight.php +1 -1
- readme.txt +8 -1
- widgets/breadcrumbs.php +1 -1
- widgets/loginbutton.php +1 -1
- widgets/loginform.php +1 -1
CHANGELOG.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
/**
|
3 |
* Gantry For Wordpress
|
4 |
*
|
5 |
-
* @version $Id: CHANGELOG.php
|
6 |
* @author RocketTheme http://www.rockettheme.com
|
7 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
8 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
@@ -27,6 +27,10 @@ Legend:
|
|
27 |
- -> Removed
|
28 |
! -> Note
|
29 |
|
|
|
|
|
|
|
|
|
30 |
------- 4.1.5 Release [] ------
|
31 |
# Fixed layout issues when using WPML and multilingual widgets
|
32 |
# Fixed strict standards error in invertPositionOrder for RTL languages
|
2 |
/**
|
3 |
* Gantry For Wordpress
|
4 |
*
|
5 |
+
* @version $Id: CHANGELOG.php 61405 2015-07-20 08:11:28Z jakub $
|
6 |
* @author RocketTheme http://www.rockettheme.com
|
7 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
8 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
27 |
- -> Removed
|
28 |
! -> Note
|
29 |
|
30 |
+
------- 4.1.6 Release [] ------
|
31 |
+
* Fixed XSS security vulnerability - thanks to Ingo Chao @ingochao for reporting
|
32 |
+
# Replaced .live deprecated jQuery call in gantry-widgets.js
|
33 |
+
|
34 |
------- 4.1.5 Release [] ------
|
35 |
# Fixed layout issues when using WPML and multilingual widgets
|
36 |
# Fixed strict standards error in invertPositionOrder for RTL languages
|
admin/forms/fields/imagepicker.php
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
<?php
|
2 |
/**
|
3 |
-
* @version 4.1.
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
1 |
<?php
|
2 |
/**
|
3 |
+
* @version 4.1.6 July 20, 2015
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
admin/forms/fields/updater.php
CHANGED
@@ -27,7 +27,7 @@ class GantryFormFieldUpdater extends GantryFormField
|
|
27 |
|
28 |
$currentVersion = GANTRY_VERSION;
|
29 |
|
30 |
-
if ($currentVersion == "\4.1.
|
31 |
|
32 |
// curl check
|
33 |
if (!function_exists('curl_version')) {
|
27 |
|
28 |
$currentVersion = GANTRY_VERSION;
|
29 |
|
30 |
+
if ($currentVersion == "\4.1.6") $currentVersion = "[DEV]";
|
31 |
|
32 |
// curl check
|
33 |
if (!function_exists('curl_version')) {
|
admin/widgets/colorchooser/css/mooRainbow-2.0.css
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
/**
|
2 |
-
* @version 4.1.
|
3 |
* @author RocketTheme http://www.rockettheme.com
|
4 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
5 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
1 |
/**
|
2 |
+
* @version 4.1.6 July 20, 2015
|
3 |
* @author RocketTheme http://www.rockettheme.com
|
4 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
5 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
admin/widgets/gantry-widgets.js
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
/**
|
2 |
-
* @version $Id: gantry-widgets.js
|
3 |
* @author RocketTheme http://www.rockettheme.com
|
4 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
5 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
@@ -25,7 +25,7 @@ var GantryWidgets = {
|
|
25 |
|
26 |
new Tips('.rok-tips', {title: 'data-tips'});
|
27 |
(function($){
|
28 |
-
$('a.widget-action'
|
29 |
new Tips('.rok-tips', {title: 'data-tips'});
|
30 |
});
|
31 |
})(jQuery);
|
1 |
/**
|
2 |
+
* @version $Id: gantry-widgets.js 61404 2015-07-13 09:22:40Z jakub $
|
3 |
* @author RocketTheme http://www.rockettheme.com
|
4 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
5 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
25 |
|
26 |
new Tips('.rok-tips', {title: 'data-tips'});
|
27 |
(function($){
|
28 |
+
$(document).on('click', 'a.widget-action', function(){
|
29 |
new Tips('.rok-tips', {title: 'data-tips'});
|
30 |
});
|
31 |
})(jQuery);
|
core/gantry.class.php
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
<?php
|
2 |
/**
|
3 |
-
* @version $Id: gantry.class.php
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
@@ -570,7 +570,8 @@ class Gantry
|
|
570 |
$this->_displayHead($output);
|
571 |
$this->_displayFooter($output);
|
572 |
$this->_displayBodyTag($output);
|
573 |
-
|
|
|
574 |
}
|
575 |
|
576 |
/**
|
@@ -1055,7 +1056,7 @@ class Gantry
|
|
1055 |
$path = '/' . preg_replace('#^' . quotemeta($this->baseUrl) . '#', "", $path);
|
1056 |
}
|
1057 |
$filename = strtolower(basename($path, '.css')) . rand(0, 1000);
|
1058 |
-
wp_enqueue_style($filename, $path, array(), '4.1.
|
1059 |
$deps[] = $path;
|
1060 |
}
|
1061 |
}
|
@@ -1068,11 +1069,11 @@ class Gantry
|
|
1068 |
if ($this->baseUrl != "/") {
|
1069 |
$path = '/' . preg_replace('#^' . quotemeta($this->baseUrl) . '#', "", $path);
|
1070 |
}
|
1071 |
-
wp_enqueue_script($path, $path, $deps, '4.1.
|
1072 |
$deps[] = $path;
|
1073 |
}
|
1074 |
foreach ($this->_header_full_scripts as $strSrc) {
|
1075 |
-
wp_enqueue_script($strSrc, $strSrc, $deps, '4.1.
|
1076 |
$deps[] = $strSrc;
|
1077 |
}
|
1078 |
|
@@ -1112,11 +1113,11 @@ class Gantry
|
|
1112 |
if ($this->baseUrl != "/") {
|
1113 |
$path = '/' . preg_replace('#^' . quotemeta($this->baseUrl) . '#', "", $path);
|
1114 |
}
|
1115 |
-
wp_enqueue_script($path, $path, $deps, '4.1.
|
1116 |
$deps[] = $path;
|
1117 |
}
|
1118 |
foreach ($this->_footer_full_scripts as $strSrc) {
|
1119 |
-
wp_enqueue_script($strSrc, $strSrc, $deps, '4.1.
|
1120 |
$deps[] = $strSrc;
|
1121 |
}
|
1122 |
|
@@ -1764,7 +1765,7 @@ class Gantry
|
|
1764 |
if (!defined('GANTRY_FINALIZED')) {
|
1765 |
$this->_styles[$priority][] = $link;
|
1766 |
} else {
|
1767 |
-
wp_enqueue_style($link->getUrl(), $link->getUrl(), array(), '4.1.
|
1768 |
}
|
1769 |
}
|
1770 |
}
|
@@ -1878,7 +1879,7 @@ class Gantry
|
|
1878 |
$this->_footerscripts[$full_path] = $check_url_path . $query_string;
|
1879 |
}
|
1880 |
} else {
|
1881 |
-
wp_enqueue_script($check_url_path, $check_url_path, array(), '4.1.
|
1882 |
}
|
1883 |
break;
|
1884 |
}
|
@@ -1916,7 +1917,7 @@ class Gantry
|
|
1916 |
$this->_footerscripts[$check_path] = $check_url_path . $query_string;
|
1917 |
}
|
1918 |
} else {
|
1919 |
-
wp_enqueue_script($check_url_path, $check_url_path, array(), '4.1.
|
1920 |
}
|
1921 |
break(2);
|
1922 |
}
|
1 |
<?php
|
2 |
/**
|
3 |
+
* @version $Id: gantry.class.php 61405 2015-07-20 08:11:28Z jakub $
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
570 |
$this->_displayHead($output);
|
571 |
$this->_displayFooter($output);
|
572 |
$this->_displayBodyTag($output);
|
573 |
+
|
574 |
+
echo apply_filters('gantry_before_render_output', $output);
|
575 |
}
|
576 |
|
577 |
/**
|
1056 |
$path = '/' . preg_replace('#^' . quotemeta($this->baseUrl) . '#', "", $path);
|
1057 |
}
|
1058 |
$filename = strtolower(basename($path, '.css')) . rand(0, 1000);
|
1059 |
+
wp_enqueue_style($filename, $path, array(), '4.1.6');
|
1060 |
$deps[] = $path;
|
1061 |
}
|
1062 |
}
|
1069 |
if ($this->baseUrl != "/") {
|
1070 |
$path = '/' . preg_replace('#^' . quotemeta($this->baseUrl) . '#', "", $path);
|
1071 |
}
|
1072 |
+
wp_enqueue_script($path, $path, $deps, '4.1.6');
|
1073 |
$deps[] = $path;
|
1074 |
}
|
1075 |
foreach ($this->_header_full_scripts as $strSrc) {
|
1076 |
+
wp_enqueue_script($strSrc, $strSrc, $deps, '4.1.6');
|
1077 |
$deps[] = $strSrc;
|
1078 |
}
|
1079 |
|
1113 |
if ($this->baseUrl != "/") {
|
1114 |
$path = '/' . preg_replace('#^' . quotemeta($this->baseUrl) . '#', "", $path);
|
1115 |
}
|
1116 |
+
wp_enqueue_script($path, $path, $deps, '4.1.6', true);
|
1117 |
$deps[] = $path;
|
1118 |
}
|
1119 |
foreach ($this->_footer_full_scripts as $strSrc) {
|
1120 |
+
wp_enqueue_script($strSrc, $strSrc, $deps, '4.1.6', true);
|
1121 |
$deps[] = $strSrc;
|
1122 |
}
|
1123 |
|
1765 |
if (!defined('GANTRY_FINALIZED')) {
|
1766 |
$this->_styles[$priority][] = $link;
|
1767 |
} else {
|
1768 |
+
wp_enqueue_style($link->getUrl(), $link->getUrl(), array(), '4.1.6');
|
1769 |
}
|
1770 |
}
|
1771 |
}
|
1879 |
$this->_footerscripts[$full_path] = $check_url_path . $query_string;
|
1880 |
}
|
1881 |
} else {
|
1882 |
+
wp_enqueue_script($check_url_path, $check_url_path, array(), '4.1.6', $in_footer);
|
1883 |
}
|
1884 |
break;
|
1885 |
}
|
1917 |
$this->_footerscripts[$check_path] = $check_url_path . $query_string;
|
1918 |
}
|
1919 |
} else {
|
1920 |
+
wp_enqueue_script($check_url_path, $check_url_path, array(), '4.1.6', $in_footer);
|
1921 |
}
|
1922 |
break(2);
|
1923 |
}
|
core/utilities/gantrycache.class.php
CHANGED
@@ -26,7 +26,7 @@ class GantryCache
|
|
26 |
/**
|
27 |
*
|
28 |
*/
|
29 |
-
const ADMIN_GROUP_NAME = 'GantryAdmin-4.1.
|
30 |
|
31 |
const ADMIN_LIFETIME = 86400;
|
32 |
|
@@ -122,7 +122,7 @@ class GantryCache
|
|
122 |
$this->cache->addDriver('frontend', new WpTransientCacheDriver($this->group, $this->lifetime));
|
123 |
} elseif (is_admin()) {
|
124 |
// TODO get lifetime for backend cache
|
125 |
-
$this->group = self::ADMIN_GROUP_NAME . '-4.1.
|
126 |
$this->cache->addDriver('admin', new WpTransientCacheDriver($this->group, self::ADMIN_LIFETIME));
|
127 |
}
|
128 |
}
|
26 |
/**
|
27 |
*
|
28 |
*/
|
29 |
+
const ADMIN_GROUP_NAME = 'GantryAdmin-4.1.6';
|
30 |
|
31 |
const ADMIN_LIFETIME = 86400;
|
32 |
|
122 |
$this->cache->addDriver('frontend', new WpTransientCacheDriver($this->group, $this->lifetime));
|
123 |
} elseif (is_admin()) {
|
124 |
// TODO get lifetime for backend cache
|
125 |
+
$this->group = self::ADMIN_GROUP_NAME . '-4.1.6';
|
126 |
$this->cache->addDriver('admin', new WpTransientCacheDriver($this->group, self::ADMIN_LIFETIME));
|
127 |
}
|
128 |
}
|
functions.php
CHANGED
@@ -168,7 +168,7 @@ function gantry_construct()
|
|
168 |
/**
|
169 |
* @name GANTRY_VERSION
|
170 |
*/
|
171 |
-
define('GANTRY_VERSION', '4.1.
|
172 |
|
173 |
|
174 |
if (!defined('DS')) {
|
168 |
/**
|
169 |
* @name GANTRY_VERSION
|
170 |
*/
|
171 |
+
define('GANTRY_VERSION', '4.1.6');
|
172 |
|
173 |
|
174 |
if (!defined('DS')) {
|
gantry.php
CHANGED
@@ -10,7 +10,7 @@
|
|
10 |
Plugin Name: Gantry Template Framework
|
11 |
Plugin URI: http://www.gantry-framework.org/
|
12 |
Description: This is a Framework to support easily modifiable themes that are very extensible.
|
13 |
-
Version: 4.1.
|
14 |
Author: RocketTheme
|
15 |
Author URI: http://www.rockettheme.com/wordpress
|
16 |
License: http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
10 |
Plugin Name: Gantry Template Framework
|
11 |
Plugin URI: http://www.gantry-framework.org/
|
12 |
Description: This is a Framework to support easily modifiable themes that are very extensible.
|
13 |
+
Version: 4.1.6
|
14 |
Author: RocketTheme
|
15 |
Author URI: http://www.rockettheme.com/wordpress
|
16 |
License: http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
gizmos/searchhighlight.php
CHANGED
@@ -28,7 +28,7 @@ class GantryGizmoSearchHighlight extends GantryGizmo
|
|
28 |
global $gantry, $s;
|
29 |
if(is_search()) {
|
30 |
$gantry->addScript( 'gantry-search-highlight.js' );
|
31 |
-
$js = 'window.addEvent(\'domready\', function() { highlight(\'' . $s . '\'); });';
|
32 |
$gantry->addInlineScript( $js );
|
33 |
}
|
34 |
}
|
28 |
global $gantry, $s;
|
29 |
if(is_search()) {
|
30 |
$gantry->addScript( 'gantry-search-highlight.js' );
|
31 |
+
$js = 'window.addEvent(\'domready\', function() { highlight(\'' . esc_attr($s) . '\'); });';
|
32 |
$gantry->addInlineScript( $js );
|
33 |
}
|
34 |
}
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Author URI: http://gantry-framework.org
|
|
4 |
Tags: gantry, framework, template, theme, widgets, flexible, extensible, configurable, 960px, grid, columns, powerful, buddypress
|
5 |
Requires at least: 3.2
|
6 |
Tested up to: 4.2.2
|
7 |
-
Stable tag: 4.1.
|
8 |
|
9 |
Gantry is a comprehensive set of building blocks to enable the rapid development and realization of a design into a flexible and powerful web platform
|
10 |
|
@@ -87,6 +87,10 @@ Once you downloaded and installed Gantry Framework plugin, please download also
|
|
87 |
|
88 |
== Changelog ==
|
89 |
|
|
|
|
|
|
|
|
|
90 |
= 4.1.5 =
|
91 |
* Fixed layout issues when using WPML and multilingual widgets
|
92 |
* Fixed strict standards error in invertPositionOrder for RTL languages
|
@@ -404,6 +408,9 @@ Once you downloaded and installed Gantry Framework plugin, please download also
|
|
404 |
|
405 |
== Upgrade Notice ==
|
406 |
|
|
|
|
|
|
|
407 |
= 4.1.5 =
|
408 |
Please remember to create a full site backup (files + database) before performing update.
|
409 |
|
4 |
Tags: gantry, framework, template, theme, widgets, flexible, extensible, configurable, 960px, grid, columns, powerful, buddypress
|
5 |
Requires at least: 3.2
|
6 |
Tested up to: 4.2.2
|
7 |
+
Stable tag: 4.1.6
|
8 |
|
9 |
Gantry is a comprehensive set of building blocks to enable the rapid development and realization of a design into a flexible and powerful web platform
|
10 |
|
87 |
|
88 |
== Changelog ==
|
89 |
|
90 |
+
= 4.1.6 =
|
91 |
+
* Fixed XSS security vulnerability - thanks to Ingo Chao @ingochao for reporting
|
92 |
+
* Replaced .live deprecated jQuery call in gantry-widgets.js
|
93 |
+
|
94 |
= 4.1.5 =
|
95 |
* Fixed layout issues when using WPML and multilingual widgets
|
96 |
* Fixed strict standards error in invertPositionOrder for RTL languages
|
408 |
|
409 |
== Upgrade Notice ==
|
410 |
|
411 |
+
= 4.1.6 =
|
412 |
+
This update fixes XSS security vulnerability. Please update your Gantry Framework!
|
413 |
+
|
414 |
= 4.1.5 =
|
415 |
Please remember to create a full site backup (files + database) before performing update.
|
416 |
|
widgets/breadcrumbs.php
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
<?php
|
2 |
/**
|
3 |
-
* @version 4.1.
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
1 |
<?php
|
2 |
/**
|
3 |
+
* @version 4.1.6 July 20, 2015
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
widgets/loginbutton.php
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
<?php
|
2 |
/**
|
3 |
-
* @version 4.1.
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
1 |
<?php
|
2 |
/**
|
3 |
+
* @version 4.1.6 July 20, 2015
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
widgets/loginform.php
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
<?php
|
2 |
/**
|
3 |
-
* @version 4.1.
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|
1 |
<?php
|
2 |
/**
|
3 |
+
* @version 4.1.6 July 20, 2015
|
4 |
* @author RocketTheme http://www.rockettheme.com
|
5 |
* @copyright Copyright (C) 2007 - 2015 RocketTheme, LLC
|
6 |
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPLv2 only
|