NextGEN Gallery – WordPress Gallery Plugin - Version 1.7.4

Version Description

  • 15.02.2011 =
  • Bugfix : Disallow direct call of ajax file to avoid path disclosure (THX to High-Tech Bridge SA)
  • Bugfix : Rework jQuery Cycle slideshow for IE compat reason (THX to Justin Dickenson)
  • Bugfix : Resize only larger images in slideshow
  • Bugfix : Improved image format detection in gd.thumbnail class (THX to Kupar.b)

Release Info

Developer alexrabe
Version 1.7.4

Code changes from version 1.7.3 to 1.7.4

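--- a/changelog.txt
+++ b/changelog.txt
@@ -6,7 +6,13 @@ by Alex Rabe & NextGEN DEV Team
  * TODO : Facebook connector
  * TODO : Switch to Plupload (http://www.plupload.com/)
 
- = V1.7.3 - 20.1.2011
+ = V1.7.4 - 15.02.2011 =
+ * Bugfix : Disallow direct call of ajax file to avoid path disclosure (THX to High-Tech Bridge SA)
+ * Bugfix : Rework jQuery Cycle slideshow for IE compat reason (THX to Justin Dickenson)
+ * Bugfix : Resize only larger images in slideshow
+ * Bugfix : Improved image format detection in gd.thumbnail class (THX to Kupar.b)
+
+ = V1.7.3 - 20.01.2011 =
  * NEW : Introduce plugin health check for conflicts with other plugins/themes
  * NEW : Adding new XMLRPC method ngg.deleteImage
  * NEW : Adding new XMLRPC method ngg.editImage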
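--- a/js/ngg.slideshow.js
+++ b/js/ngg.slideshow.js
@@ -1,7 +1,7 @@
  /*!
  * NextGEN Slideshow based on jQuery Cycle Plugin
- * Copyright (c) 2010 Alex Rabe
- * Version: 1.0.3
+ * Copyright (c) 2010-2011 Alex Rabe
+ * Version: 1.0.5
  * Requires: jQuery v1.2.6 or later
  */
  jQuery.fn.nggSlideshow = function ( args ) {
@@ -18,9 +18,14 @@ jQuery.fn.nggSlideshow = function ( args ) {
  var obj = this.selector;
  var stack = [];
  var url = s.domain + 'index.php?callback=json&api_key=true&format=json&method=gallery&id=' + s.id;
-
- jQuery.getJSON(url, function(r){
-
+ /*
+ the stackLength var will store stack length for ref - it is quicker to ref memory than make a call to find an obj property
+ stack length is first collected in jQuery.getJSON(); stack length is auto-decremented in loadImage() + jCycle_onBefore()
+ */
+ var stackLength = 0;
+
+ jQuery.getJSON(url, function(r){
+
  if (r.stat == "ok"){
 
  for (img in r.images) {
@@ -28,25 +33,38 @@ jQuery.fn.nggSlideshow = function ( args ) {
  //populate images into an array
  stack.push( decodeURI( photo['imageURL'] ) );
  }
-
- // push the first three images out
- var i = 1;
-
- while (stack.length && i <= 3) {
- var img = new Image();
- img.src = stack.shift();
- // Hide them first, Cycle plugin will show them
- jQuery( img ).hide();
- // Add the image now and resize after loaded
- jQuery( obj ).append( imageResize(img, s.width , s.height) );
- i++;
- // start cycle after the third image
- if (i == 3 || stack.length == 0 )
- startSlideshow();
- }
-
+ stackLength = stack.length;
+ // init loading first 3 images (param 1 in func is first pass)
+ loadImage(1);
  }
  });
+
+ // load image and bind appendImage() to the img load - here we are making sure the loads do not get displaced
+ function loadImage(num){
+ // check that stack is not empty and we haven't alreay loaded 3 images
+ if(stackLength > 0 && num <= 3) {
+ var img = new Image();
+ img.src = stack.shift();
+ stackLength--;
+ // wait to append image until the load is complete
+ jQuery( img ).bind('load', function() { appendImage(img, num); });
+ }
+ }
+
+ // append image to obj
+ function appendImage(img, num){
+ // Hide them first, Cycle plugin will show them
+ jQuery( img ).hide();
+ // Add the image now and resize after loaded
+ jQuery( obj ).append( imageResize(img, s.width , s.height) );
+ // start slideshow with third image, load next image if not
+ if (num == 3 || stackLength == 0 ) {
+ startSlideshow();
+ } else {
+ loadImage(++num); // increase index and load next image
+ }
+
+ }
 
  function startSlideshow() {
 
@@ -78,12 +96,21 @@ jQuery.fn.nggSlideshow = function ( args ) {
  if (img.height == 0 || img.width == 0)
  return img;
 
- var height = (img.height < maxHeight) ? img.height : maxHeight;
- var width = (img.width < maxWidth) ? img.width : maxWidth;
- if (img.height >= img.width)
- width = Math.floor( Math.ceil(img.width / img.height * maxHeight) );
- else
- height = Math.floor( Math.ceil(img.height / img.width * maxWidth) );
+ var width, height;
+
+ if (img.width * maxHeight > img.height * maxWidth) {
+ // img has a wider ratio than target size, make width fit
+ if (img.width > maxWidth) {
+ width = maxWidth;
+ height = Math.round(img.height / img.width * maxWidth);
+ }
+ } else {
+ // img has a less wide ratio than target size, make height fit
+ if (img.height > maxHeight) {
+ height = maxHeight;
+ width = Math.round(img.width / img.height * maxHeight);
+ }
+ }
 
  jQuery( img ).css({
  'height': height,
@@ -96,9 +123,10 @@ jQuery.fn.nggSlideshow = function ( args ) {
  // add images to slideshow step by step
  function jCycle_onBefore(curr, next, opts) {
  if (opts.addSlide)
- if (stack.length) {
+ if (stackLength > 0){ // check that stack is not empty
  var img = new Image();
  img.src = stack.shift();
+ stackLength--;
  jQuery( img ).bind('load', function() {
  opts.addSlide( imageResize(this, s.width , s.height) );
  });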
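Review bot: In `loadImage()` the new `Image` gets only a `load` handler, so an image that fails to load never calls `appendImage()`; `startSlideshow()` is then never reached and the loader element stays on screen. The handler is also bound after `img.src` is assigned, which on some older browsers can miss the event for an already-cached image, so binding before setting `src` is the safer order. I would add `jQuery( img ).bind('error', function() { if (stackLength == 0) startSlideshow(); else loadImage(num); });` ahead of `img.src = stack.shift();` and move the `load` bind up with it. `jCycle_onBefore()` has the same unhandled failure path, though there a failed image is only skipped. `jQuery.fn.nggSlideshow` starts and ends outside the visible hunks.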
js/ngg.slideshow.min.js CHANGED
@@ -1,9 +1,9 @@
1
- jQuery.fn.nggSlideshow=function(args){var defaults={id:1,width:320,height:240,fx:'fade',domain:'',timeout:5000};var s=jQuery.extend({},defaults,args);var obj=this.selector;var stack=[];var url=s.domain+'index.php?callback=json&api_key=true&format=json&method=gallery&id='+s.id;jQuery.getJSON(url,function(r){if(r.stat=="ok"){for(img in r.images){var photo=r.images[img];stack.push(decodeURI(photo['imageURL']));}
2
- var i=1;while(stack.length&&i<=3){var img=new Image();img.src=stack.shift();jQuery(img).hide();jQuery(obj).append(imageResize(img,s.width,s.height));i++;if(i==3||stack.length==0)
3
- startSlideshow();}}});function startSlideshow(){jQuery(obj+'-loader').empty().remove();jQuery(obj+' img:first').fadeIn(1000,function(){jQuery(obj).cycle({fx:s.fx,containerResize:1,fit:1,timeout:s.timeout,next:obj,before:jCycle_onBefore});});}
4
- function imageResize(img,maxWidth,maxHeight){if(!img.complete)
5
- jQuery(img).bind('load',function(){imageResize(img,maxWidth,maxHeight)});if(img.height==0||img.width==0)
6
- return img;var height=(img.height<maxHeight)?img.height:maxHeight;var width=(img.width<maxWidth)?img.width:maxWidth;if(img.height>=img.width)
7
- width=Math.floor(Math.ceil(img.width/img.height*maxHeight));else
8
- height=Math.floor(Math.ceil(img.height/img.width*maxWidth));jQuery(img).css({'height':height,'width':width});return img;};function jCycle_onBefore(curr,next,opts){if(opts.addSlide)
9
- if(stack.length){var img=new Image();img.src=stack.shift();jQuery(img).bind('load',function(){opts.addSlide(imageResize(this,s.width,s.height));});}};}
1
+ jQuery.fn.nggSlideshow=function(args){var defaults={id:1,width:320,height:240,fx:'fade',domain:'',timeout:5000};var s=jQuery.extend({},defaults,args);var obj=this.selector;var stack=[];var url=s.domain+'index.php?callback=json&api_key=true&format=json&method=gallery&id='+s.id;var stackLength=0;jQuery.getJSON(url,function(r){if(r.stat=="ok"){for(img in r.images){var photo=r.images[img];stack.push(decodeURI(photo['imageURL']));}
2
+ stackLength=stack.length;loadImage(1);}});function loadImage(num){if(stackLength>0&&num<=3){var img=new Image();img.src=stack.shift();stackLength--;jQuery(img).bind('load',function(){appendImage(img,num);});}}
3
+ function appendImage(img,num){jQuery(img).hide();jQuery(obj).append(imageResize(img,s.width,s.height));if(num==3||stackLength==0){startSlideshow();}else{loadImage(++num);}}
4
+ function startSlideshow(){jQuery(obj+'-loader').empty().remove();jQuery(obj+' img:first').fadeIn(1000,function(){jQuery(obj).cycle({fx:s.fx,containerResize:1,fit:1,timeout:s.timeout,next:obj,before:jCycle_onBefore});});}
5
+ function imageResize(img,maxWidth,maxHeight){if(!img.complete)
6
+ jQuery(img).bind('load',function(){imageResize(img,maxWidth,maxHeight)});if(img.height==0||img.width==0)
7
+ return img;var width,height;if(img.width*maxHeight>img.height*maxWidth){if(img.width>maxWidth){width=maxWidth;height=Math.round(img.height/img.width*maxWidth);}}else{if(img.height>maxHeight){height=maxHeight;width=Math.round(img.width/img.height*maxHeight);}}
8
+ jQuery(img).css({'height':height,'width':width});return img;};function jCycle_onBefore(curr,next,opts){if(opts.addSlide)
9
+ if(stackLength>0){var img=new Image();img.src=stack.shift();stackLength--;jQuery(img).bind('load',function(){opts.addSlide(imageResize(this,s.width,s.height));});}};}
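--- a/lib/gd.thumbnail.inc.php
+++ b/lib/gd.thumbnail.inc.php
@@ -3,8 +3,8 @@
  * gd.thumbnail.inc.php
  *
  * @author Ian Selby (ian@gen-x-design.com)
- * @copyright Copyright 2006-2009
- * @version 1.2.0 (based on 1.1.3)
+ * @copyright Copyright 2006-2011
+ * @version 1.2.1 (based on 1.1.3)
  * @modded by Alex Rabe
  *
  */
@@ -141,18 +141,21 @@ class ngg_Thumbnail {
  $this->errmsg = 'File is not readable';
  $this->error = true;
  }
-
+
  //if there are no errors, determine the file format
  if($this->error == false) {
- //check if gif
- if(stristr(strtolower($this->fileName),'.gif')) $this->format = 'GIF';
- //check if jpg
- elseif(stristr(strtolower($this->fileName),'.jpg') || stristr(strtolower($this->fileName),'.jpeg')) $this->format = 'JPG';
- //check if png
- elseif(stristr(strtolower($this->fileName),'.png')) $this->format = 'PNG';
- //unknown file format
- else {
- $this->errmsg = 'Unknown file format';
+ $data = @getimagesize($this->fileName);
+ if (isset($data) && is_array($data)) {
+ $extensions = array('1' => 'GIF', '2' => 'JPG', '3' => 'PNG');
+ $extension = array_key_exists($data[2], $extensions) ? $extensions[$data[2]] : '';
+ if($extension) {
+ $this->format = $extension;
+ } else {
+ $this->errmsg = 'Unknown file format';
+ $this->error = true;
+ }
+ } else {
+ $this->errmsg = 'File is not an image';
  $this->error = true;
  }
  }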
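Review bot: The map `array('1' => 'GIF', '2' => 'JPG', '3' => 'PNG')` uses bare numbers for the type index that `getimagesize()` returns; the named constants state the intent: `array(IMAGETYPE_GIF => 'GIF', IMAGETYPE_JPEG => 'JPG', IMAGETYPE_PNG => 'PNG')`. `getimagesize()` returns `false` on failure, so `isset($data) &&` adds nothing and `is_array($data)` alone is enough. The call also deserves a comment, because `getimagesize()` identifies the type from the file's leading bytes and can succeed on a file that is not otherwise a valid image, and the extension is no longer consulted here: `// format comes from the image header, not the file name; this is not upload validation`. The enclosing method of `ngg_Thumbnail` starts and ends outside the hunk.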
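--- a/lib/meta.php
+++ b/lib/meta.php
@@ -340,8 +340,12 @@ class nggMeta{
  }
 
  } // foreach
-
- // cut off the useless tags
+
+ // don't parse a empty array
+ if( empty($xmlarray) || empty($xmlarray['x:xmpmeta']) )
+ return false;
+
+ // cut off the useless tags
  $xmlarray = $xmlarray['x:xmpmeta']['rdf:RDF']['rdf:Description'];
 
  // --------- Some values from the XMP format--------- //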
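Review bot: The new guard stops at `$xmlarray['x:xmpmeta']`, but the next statement still indexes `['rdf:RDF']['rdf:Description']`, so an XMP packet that has the outer element without those children passes the guard and leaves `$xmlarray` null for the code that follows. `empty()` does not warn on missing nested keys, so one test covers every level: `if ( empty($xmlarray['x:xmpmeta']['rdf:RDF']['rdf:Description']) ) return false;`. The XMP data presumably comes from uploaded image files, so its shape should not be assumed. The method of `nggMeta` continues outside the hunk, so how the value is used after the assignment is not visible here.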
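--- a/nggallery.php
+++ b/nggallery.php
@@ -4,7 +4,7 @@ Plugin Name: NextGEN Gallery
  Plugin URI: http://alexrabe.de/?page_id=80
  Description: A NextGENeration Photo gallery for the Web 2.0.
  Author: Alex Rabe
- Version: 1.7.3
+ Version: 1.7.4
 
  Author URI: http://alexrabe.de/
 
@@ -34,7 +34,7 @@ if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('You
  if (!class_exists('nggLoader')) {
  class nggLoader {
 
- var $version = '1.7.3';
+ var $version = '1.7.4';
  var $dbversion = '1.7.0';
  var $minium_WP = '3.0';
  var $donators = 'http://nextgen.boelinger.com/donators.php';
@@ -348,7 +348,7 @@ class nggLoader {
  wp_enqueue_script('swfobject', NGGALLERY_URLPATH .'admin/js/swfobject.js', FALSE, '2.2');
  else {
  wp_register_script('jquery-cycle', NGGALLERY_URLPATH .'js/jquery.cycle.all.min.js', array('jquery'), '2.88');
- wp_enqueue_script('ngg-slideshow', NGGALLERY_URLPATH .'js/ngg.slideshow.min.js', array('jquery-cycle'), '1.03');
+ wp_enqueue_script('ngg-slideshow', NGGALLERY_URLPATH .'js/ngg.slideshow.min.js', array('jquery-cycle'), '1.05');
 
  }
 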
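--- a/readme.txt
+++ b/readme.txt
@@ -134,7 +134,13 @@ To show the most recent added mages : **[recent max=x ]**
 
  == Changelog ==
 
- = V1.7.3 - 20.01.2011
+ = V1.7.4 - 15.02.2011 =
+ * Bugfix : Disallow direct call of ajax file to avoid path disclosure (THX to High-Tech Bridge SA)
+ * Bugfix : Rework jQuery Cycle slideshow for IE compat reason (THX to Justin Dickenson)
+ * Bugfix : Resize only larger images in slideshow
+ * Bugfix : Improved image format detection in gd.thumbnail class (THX to Kupar.b)
+
+ = V1.7.3 - 20.01.2011 =
  * NEW : Introduce plugin health check for conflicts with other plugins/themes
  * NEW : Adding new XMLRPC method ngg.deleteImage
  * NEW : Adding new XMLRPC method ngg.editImage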
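--- a/xml/ajax.php
+++ b/xml/ajax.php
@@ -1,8 +1,13 @@
  <?php
  // see http://codex.wordpress.org/AJAX_in_Plugins
+
  // check if we have all needed parameter
- if ((!isset($_GET['galleryid']) || !is_numeric($_GET['galleryid'])) || (!isset($_GET['p']) || !is_numeric($_GET['p'])) || !isset($_GET['type']))
- die('Insufficient parameters.');
+ if ( !defined('ABSPATH') || (!isset($_GET['galleryid']) || !is_numeric($_GET['galleryid'])) || (!isset($_GET['p']) || !is_numeric($_GET['p'])) || !isset($_GET['type'])){
+ // if it's not ajax request, back to main page
+ if($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest')
+ header('Location: http://'. $_SERVER['HTTP_HOST']);
+ die();
+ }
 
  switch ($_GET['type']) {
  case 'gallery':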
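Review bot: `$_SERVER['HTTP_X_REQUESTED_WITH']` is read without `isset()`, so a direct browser request, the case this guard was added for, raises an undefined-index notice; where notices are displayed that message carries the full path of `xml/ajax.php` and can make the following `header()` call fail. The test should be `if ( !isset($_SERVER['HTTP_X_REQUESTED_WITH']) || $_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest' )`. The redirect target is also built from `$_SERVER['HTTP_HOST']`, a client-supplied header, with the scheme fixed to `http://`; since WordPress functions are not loaded when `ABSPATH` is undefined, a relative `header('Location: /');` or a plain 403 response avoids trusting that header. Both headers are client-controlled, so this guard limits error output but is not an access control.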