NextGEN Gallery – WordPress Gallery Plugin - Version 1.9.1

Version Description

  • 10.12.2011 =
  • Bugfix : Security hardening for untrusted filenames/meta data (THX to Brian St. Pierre)
  • Bugfix : Fixed security vulnerability (THX to Jon Cave)
  • Bugfix : Load piclens script via other function
  • Bugfix : IE7 script fix for add gallery
  • Bugfix : IE7/IE8 width set correctly for edit album autocomplete field

Release Info

Developer alexrabe
Plugin Icon 128x128 NextGEN Gallery – WordPress Gallery Plugin
Version 1.9.1

Code changes from version 1.9.0 to 1.9.1

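--- a/admin/addgallery.php
+++ b/admin/addgallery.php
@@ -1,9 +1,6 @@
  <?php
  if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('You are not allowed to call this page directly.'); }
 
- // sometimes a error feedback is better than a white screen
- @ini_set('error_reporting', E_ALL ^ E_NOTICE);
-
  class nggAddGallery {
 
  /**
@@ -247,7 +244,7 @@ class nggAddGallery {
  window.onload = function () {
  ngg_swf_upload = new SWFUpload({
  // Backend settings
- upload_url : "<?php echo esc_attr( $swf_upload_link ); ?>",
+ upload_url : "<?php echo esc_js( $swf_upload_link ); ?>",
  flash_url : "<?php echo NGGALLERY_URLPATH; ?>admin/js/swfupload.swf",
 
  // Button Settings
@@ -330,7 +327,7 @@ class nggAddGallery {
  jQuery("span.browsefiles").show().click(function(){
  jQuery("#file_browser").fileTree({
  script: "admin-ajax.php?action=ngg_file_browser&nonce=<?php echo wp_create_nonce( 'ngg-ajax' ) ;?>",
- root: jQuery("#galleryfolder").val(),
+ root: jQuery("#galleryfolder").val()
  }, function(folder) {
  jQuery("#galleryfolder").val( folder );
  });
@@ -440,7 +437,7 @@ class nggAddGallery {
  if ( !nggAdmin::can_manage_this_gallery($gallery->author) )
  continue;
  $name = ( empty($gallery->title) ) ? $gallery->name : $gallery->title;
- echo '<option value="' . $gallery->gid . '" >' . $gallery->gid . ' - ' . $name . '</option>' . "\n";
+ echo '<option value="' . $gallery->gid . '" >' . $gallery->gid . ' - ' . esc_attr( $name ). '</option>' . "\n";
  }
  ?>
  </select>
@@ -522,7 +519,7 @@ class nggAddGallery {
  continue;
 
  $name = ( empty($gallery->title) ) ? $gallery->name : $gallery->title;
- echo '<option value="' . $gallery->gid . '" >' . $gallery->gid . ' - ' . $name . '</option>' . "\n";
+ echo '<option value="' . $gallery->gid . '" >' . $gallery->gid . ' - ' . esc_attr( $name ) . '</option>' . "\n";
  } ?>
  </select>
  <br /><?php echo $this->maxsize; ?>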
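Review bot: Both rewritten `<option>` lines (new lines 440 and 522) escape `$name` with `esc_attr()` although the value is written as element text, not into an attribute, so the helper does not match the output context. By default the two helpers encode the same characters, so this is a consistency point rather than an open hole, but any filter attached to attribute escaping will now run on body text; `esc_html( $name )` is the matching call. The enclosing loops start outside the hunks, so where `$gallery->title` and `$gallery->name` are populated cannot be confirmed from here.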
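--- a/admin/admin.php
+++ b/admin/admin.php
@@ -264,13 +264,13 @@ class nggAdminPanel{
  wp_enqueue_script( 'jquery-ui-autocomplete' );
  wp_enqueue_script( 'jquery-ui-dialog' );
  wp_enqueue_script( 'jquery-ui-sortable' );
- wp_enqueue_script( 'ngg-autocomplete', NGGALLERY_URLPATH .'admin/js/ngg.autocomplete.js', array('jquery-ui-autocomplete'), '1.0');
+ wp_enqueue_script( 'ngg-autocomplete', NGGALLERY_URLPATH .'admin/js/ngg.autocomplete.js', array('jquery-ui-autocomplete'), '1.0.1');
  } else {
  // Due to script conflict with jQuery UI 1.8.6
  wp_deregister_script( 'jquery-ui-sortable' );
  // Package included sortable, dialog, autocomplete, tabs
  wp_enqueue_script('jquery-ui', NGGALLERY_URLPATH .'admin/js/jquery-ui-1.8.6.min.js', array('jquery'), '1.8.6');
- wp_enqueue_script('ngg-autocomplete', NGGALLERY_URLPATH .'admin/js/ngg.autocomplete.js', array('jquery-ui'), '1.0');
+ wp_enqueue_script('ngg-autocomplete', NGGALLERY_URLPATH .'admin/js/ngg.autocomplete.js', array('jquery-ui'), '1.0.1');
  }
  break;
  case "nggallery-options" :
@@ -416,6 +416,7 @@ class nggAdminPanel{
 
  /**
  * New wrapper for WordPress 3.3, so contextual help will be added to the admin bar
+ * Rework this see http://wpdevel.wordpress.com/2011/12/06/help-and-screen-api-changes-in-3-3/
  *
  * @since 1.9.0
  * @param object $screen
@@ -424,8 +425,7 @@ class nggAdminPanel{
  function add_contextual_help($screen) {
 
  $help = $this->show_help('', $screen);
- add_contextual_help( $screen, $help );
-
+ //add_contextual_help( $screen, $help );
  }
 
  /**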
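Review bot: With the call commented out at new line 428, the method still computes `$help = $this->show_help('', $screen);` and then discards it, so within the visible lines it has no effect and the help text is presumably no longer registered. If this is a deliberate stop-gap for the WordPress 3.3 screen API change linked in the added docblock line, say so in place of the commented-out statement, e.g. `// TODO: register $help through the 3.3 screen API; the old add_contextual_help() call is disabled on purpose`. Whether `show_help()` has side effects that justify keeping the assignment cannot be seen from this hunk.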
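--- a/admin/album.php
+++ b/admin/album.php
@@ -98,6 +98,9 @@ class nggManageAlbum {
  $result = nggdb::add_album( $_POST['newalbum'] );
  $this->currentID = ($result) ? $result : 0 ;
 
+ //hook for other plugins
+ do_action('ngg_add_album', $this->currentID);
+
  if ($result)
  nggGallery::show_message(__('Update Successfully','nggallery'));
  }
@@ -114,6 +117,10 @@ class nggManageAlbum {
  } else {
  $wpdb->query("UPDATE $wpdb->nggalbum SET sortorder = '0' WHERE id = $this->currentID ");
  }
+
+ //hook for other plugins
+ do_action('ngg_update_album_sortorder', $this->currentID);
+
  nggGallery::show_message(__('Update Successfully','nggallery'));
 
  }
@@ -124,9 +131,13 @@ class nggManageAlbum {
  wp_die(__('Cheatin&#8217; uh?'));
 
  $result = nggdb::delete_album( $this->currentID );
+
+ //hook for other plugins
+ do_action('ngg_delete_album', $this->currentID);
 
+ // jump back to main selection
  $this->currentID = 0;
-
+
  if ($result)
  nggGallery::show_message(__('Album deleted','nggallery'));
  }
@@ -173,7 +184,7 @@ jQuery(document).ready(
  function()
  {
  jQuery("#previewpic").nggAutocomplete( {
- type: 'image',domain: "<?php echo home_url('index.php', is_ssl() ? 'https' : 'http'); ?>"
+ type: 'image',domain: "<?php echo home_url('index.php', is_ssl() ? 'https' : 'http'); ?>",width: "95%"
  });
 
  jQuery('#selectContainer').sortable( {
@@ -288,7 +299,7 @@ function showDialog() {
  if( is_array($this->albums) ) {
  foreach($this->albums as $album) {
  $selected = ($this->currentID == $album->id) ? 'selected="selected" ' : '';
- echo '<option value="' . $album->id . '" ' . $selected . '>' . $album->id . ' - ' . $album->name . '</option>'."\n";
+ echo '<option value="' . $album->id . '" ' . $selected . '>' . $album->id . ' - ' . esc_attr( $album->name ) . '</option>'."\n";
  }
  }
  ?>
@@ -375,7 +386,7 @@ function showDialog() {
  $album = $this->albums[$this->currentID];
  ?>
  <div class="widget-top">
- <h3><?php esc_html_e('Album ID', 'nggallery'); ?> <?php echo $album->id . ' : ' . $album->name; ?> </h3>
+ <h3><?php esc_html_e('Album ID', 'nggallery'); ?> <?php echo $album->id . ' : ' . esc_html( $album->name ); ?> </h3>
  </div>
  <div id="galleryContainer" class="widget-holder target">
  <?php
@@ -430,7 +441,7 @@ function showDialog() {
  echo '<option value="0" selected="selected">' . __('No picture', 'nggallery') . '</option>';
  else {
  $picture = nggdb::find_image($album->previewpic);
- echo '<option value="' . $picture->pid . '" selected="selected" >'. $picture->pid . ' - ' . ( empty($picture->alltext) ? $picture->filename : $picture->alltext ) .' </option>'."\n";
+ echo '<option value="' . $picture->pid . '" selected="selected" >'. $picture->pid . ' - ' . ( empty($picture->alltext) ? esc_attr( $picture->filename ) : esc_attr( $picture->alltext ) ) .' </option>'."\n";
  }
  ?>
  </select>
@@ -501,7 +512,7 @@ function showDialog() {
  if ( $this->num_albums < 50 ) {
  if ($album->previewpic != 0) {
  $image = $nggdb->find_image( $album->previewpic );
- $preview_image = ( !is_null($image->thumbURL) ) ? '<div class="inlinepicture"><img src="' . $image->thumbURL . '" /></div>' : '';
+ $preview_image = ( !is_null($image->thumbURL) ) ? '<div class="inlinepicture"><img src="' . esc_url( $image->thumbURL ). '" /></div>' : '';
  }
  }
 
@@ -525,7 +536,7 @@ function showDialog() {
  if ( $this->num_galleries < 50 ) {
  // set image url
  $image = $nggdb->find_image( $gallery->previewpic );
- $preview_image = isset($image->thumbURL) ? '<div class="inlinepicture"><img src="' . $image->thumbURL . '" /></div>' : '';
+ $preview_image = isset($image->thumbURL) ? '<div class="inlinepicture"><img src="' . esc_url( $image->thumbURL ) . '" /></div>' : '';
  }
 
  $prefix = '';
@@ -538,13 +549,13 @@ function showDialog() {
  <div class="innerhandle">
  <div class="item_top ' . $class . '">
  <a href="#" class="min" title="close">[-]</a>
- ID: ' . $obj['id'] . ' | ' . wp_html_excerpt( nggGallery::i18n( $obj['title'] ) , 25) . '
+ ID: ' . $obj['id'] . ' | ' . wp_html_excerpt( esc_html ( nggGallery::i18n( $obj['title'] ) ) , 25) . '
  </div>
  <div class="itemContent">
  ' . $preview_image . '
- <p><strong>' . __('Name', 'nggallery') . ' : </strong>' . nggGallery::i18n( $obj['name'] ) . '</p>
- <p><strong>' . __('Title', 'nggallery') . ' : </strong>' . nggGallery::i18n( $obj['title'] ) . '</p>
- <p><strong>' . __('Page', 'nggallery'). ' : </strong>' . nggGallery::i18n( $obj['pagenname'] ) . '</p>
+ <p><strong>' . __('Name', 'nggallery') . ' : </strong>' . esc_html ( nggGallery::i18n( $obj['name'] ) ). '</p>
+ <p><strong>' . __('Title', 'nggallery') . ' : </strong>' . esc_html ( nggGallery::i18n( $obj['title'] ) ) . '</p>
+ <p><strong>' . __('Page', 'nggallery'). ' : </strong>' . esc_html ( nggGallery::i18n( $obj['pagenname'] ) ) . '</p>
  ' . apply_filters('ngg_display_album_item_content', '', $obj) . '
  </div>
  </div>
@@ -582,5 +593,4 @@ function showDialog() {
  return true;
  }
 
- }
- ?>
+ }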
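Review bot: The new `ngg_add_album` and `ngg_delete_album` hooks fire regardless of `$result`, so listeners are called with ID 0 when `nggdb::add_album()` fails and are told an album was deleted even when `nggdb::delete_album()` did not succeed. The existing `if ($result)` checks follow a few lines later in both hunks, so the calls can be guarded the same way, e.g. `if ($result) do_action('ngg_add_album', $this->currentID);` and `if ($result) do_action('ngg_delete_album', $this->currentID);`. A plugin that removes its own data on `ngg_delete_album` would otherwise act on a deletion that did not happen. Both enclosing methods begin outside the hunks.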
 
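--- a/admin/css/nggadmin.css
+++ b/admin/css/nggadmin.css
@@ -1,5 +1,5 @@
  /*
- ** NextGEN Gallery Style for Wordpress 3.2
+ ** NextGEN Gallery Style for Wordpress 3.3
  */
 
  /* SETTINGS FOR Overview Gallery */
@@ -243,6 +243,7 @@ div .groupItem
  cursor: move;
  width: 295px;
  padding: 5px;
+ line-height: 1.5;
  }
 
  div .innerhandle {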
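--- a/admin/edit-thumbnail.php
+++ b/admin/edit-thumbnail.php
@@ -134,25 +134,25 @@ if ( ($ngg_options['thumbfix'] == 1) ) {
  <table width="98%" align="center" style="border:1px solid #DADADA">
  <tr>
  <td rowspan="3" valign="middle" align="center" width="350" style="background-color:#DADADA;">
- <img src="<?php echo $preview_image; ?>" alt="" id="imageToEdit" />
+ <img src="<?php echo esc_url( $preview_image ); ?>" alt="" id="imageToEdit" />
  </td>
  <td width="300" style="background-color : #DADADA;">
- <small style="margin-left:6px; display:block;"><?php _e('Select the area for the thumbnail from the picture on the left.', 'nggallery'); ?></small>
+ <small style="margin-left:6px; display:block;"><?php esc_html_e('Select the area for the thumbnail from the picture on the left.', 'nggallery'); ?></small>
  </td>
  </tr>
  <tr>
  <td align="center" width="300" height="320">
  <div id="previewNewThumb" style="display:none;width:<?php echo $WidthHtmlPrev; ?>px;height:<?php echo $HeightHtmlPrev; ?>px;overflow:hidden; margin-left:5px;">
- <img src="<?php echo $preview_image; ?>" id="imageToEditPreview" />
+ <img src="<?php echo esc_url( $preview_image ); ?>" id="imageToEditPreview" />
  </div>
  <div id="actualThumb">
- <img src="<?php echo $picture->thumbURL; ?>?<?php echo time()?>" />
+ <img src="<?php echo esc_url( $picture->thumbURL ); ?>?<?php echo time()?>" />
  </div>
  </td>
  </tr>
  <tr style="background-color:#DADADA;">
  <td>
- <input type="button" name="update" value="<?php _e('Update', 'nggallery'); ?>" onclick="updateThumb()" class="button-secondary" style="float:left; margin-left:4px;"/>
+ <input type="button" name="update" value="<?php esc_attr_e('Update', 'nggallery'); ?>" onclick="updateThumb()" class="button-secondary" style="float:left; margin-left:4px;"/>
  <div id="thumbMsg" style="color:#FF0000; display : none;font-size:11px; float:right; width:60%; height:2em; line-height:2em;"></div>
  </td>
  </tr>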
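Review bot: The `style` attribute of `#previewNewThumb` (line 145) still echoes `$WidthHtmlPrev` and `$HeightHtmlPrev` unescaped, while every other dynamic value in this hunk now goes through an escaping helper. Both variables are computed outside the hunk, so they may already be plain numbers; if that is not guaranteed, escape them for the attribute context as well, e.g. `width:<?php echo esc_attr( $WidthHtmlPrev ); ?>px;height:<?php echo esc_attr( $HeightHtmlPrev ); ?>px`. Treating the whole template the same way makes it easier to audit later for any remaining raw output.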
admin/functions.php CHANGED
@@ -43,7 +43,7 @@ class nggAdmin{
43
  // check for main folder
44
  if ( !is_dir($nggRoot) ) {
45
  if ( !wp_mkdir_p( $nggRoot ) ) {
46
- $txt = __('Directory', 'nggallery').' <strong>' . $defaultpath . '</strong> '.__('didn\'t exist. Please create first the main gallery folder ', 'nggallery').'!<br />';
47
  $txt .= __('Check this link, if you didn\'t know how to set the permission :', 'nggallery').' <a href="http://codex.wordpress.org/Changing_File_Permissions">http://codex.wordpress.org/Changing_File_Permissions</a> ';
48
  if ($output) nggGallery::show_error($txt);
49
  return false;
@@ -52,7 +52,7 @@ class nggAdmin{
52
 
53
  // check for permission settings, Safe mode limitations are not taken into account.
54
  if ( !is_writeable( $nggRoot ) ) {
55
- $txt = __('Directory', 'nggallery').' <strong>' . $defaultpath . '</strong> '.__('is not writeable !', 'nggallery').'<br />';
56
  $txt .= __('Check this link, if you didn\'t know how to set the permission :', 'nggallery').' <a href="http://codex.wordpress.org/Changing_File_Permissions">http://codex.wordpress.org/Changing_File_Permissions</a> ';
57
  if ($output) nggGallery::show_error($txt);
58
  return false;
@@ -73,22 +73,22 @@ class nggAdmin{
73
 
74
  // 2. Create new gallery folder
75
  if ( !wp_mkdir_p (WINABSPATH . $nggpath) )
76
- $txt = __('Unable to create directory ', 'nggallery').$nggpath.'!<br />';
77
 
78
  // 3. Check folder permission
79
  if ( !is_writeable(WINABSPATH . $nggpath ) )
80
- $txt .= __('Directory', 'nggallery').' <strong>'.$nggpath.'</strong> '.__('is not writeable !', 'nggallery').'<br />';
81
 
82
  // 4. Now create thumbnail folder inside
83
  if ( !is_dir(WINABSPATH . $nggpath . '/thumbs') ) {
84
  if ( !wp_mkdir_p ( WINABSPATH . $nggpath . '/thumbs') )
85
- $txt .= __('Unable to create directory ', 'nggallery').' <strong>' . $nggpath . '/thumbs !</strong>';
86
  }
87
 
88
  if (SAFE_MODE) {
89
  $help = __('The server setting Safe-Mode is on !', 'nggallery');
90
- $help .= '<br />'.__('If you have problems, please create directory', 'nggallery').' <strong>' . $nggpath . '</strong> ';
91
- $help .= __('and the thumbnails directory', 'nggallery').' <strong>' . $nggpath . '/thumbs</strong> '.__('with permission 777 manually !', 'nggallery');
92
  if ($output) nggGallery::show_message($help);
93
  }
94
 
@@ -146,7 +146,7 @@ class nggAdmin{
146
  $gallerypath = WINABSPATH . $galleryfolder;
147
 
148
  if (!is_dir($gallerypath)) {
149
- nggGallery::show_error(__('Directory', 'nggallery').' <strong>'.$gallerypath.'</strong> '.__('doesn&#96;t exist!', 'nggallery'));
150
  return ;
151
  }
152
 
@@ -154,7 +154,7 @@ class nggAdmin{
154
  $new_imageslist = nggAdmin::scandir($gallerypath);
155
 
156
  if (empty($new_imageslist)) {
157
- nggGallery::show_message(__('Directory', 'nggallery').' <strong>'.$gallerypath.'</strong> '.__('contains no pictures', 'nggallery'));
158
  return;
159
  }
160
 
@@ -176,7 +176,7 @@ class nggAdmin{
176
  nggGallery::show_error(__('Database error. Could not add gallery!','nggallery'));
177
  return;
178
  }
179
- $created_msg = _n( 'Gallery', 'Galleries', 1, 'nggallery' ) . ' <strong>' . $galleryname . '</strong> ' . __('successfully created!','nggallery') . '<br />';
180
  }
181
 
182
  // Look for existing image list
@@ -275,7 +275,7 @@ class nggAdmin{
275
  // check for existing thumbnail
276
  if (file_exists($image->thumbPath))
277
  if (!is_writable($image->thumbPath))
278
- return $image->filename . __(' is not writeable ','nggallery');
279
 
280
  $thumb = new ngg_Thumbnail($image->imagePath, TRUE);
281
 
@@ -321,7 +321,7 @@ class nggAdmin{
321
  $thumb->destruct();
322
 
323
  if ( !empty($thumb->errmsg) )
324
- return ' <strong>' . $image->filename . ' (Error : '.$thumb->errmsg .')</strong>';
325
 
326
  // success
327
  return '1';
@@ -357,7 +357,7 @@ class nggAdmin{
357
  $height = ($height == 0) ? $ngg->options['imgHeight'] : $height;
358
 
359
  if (!is_writable($image->imagePath))
360
- return ' <strong>' . $image->filename . __(' is not writeable','nggallery') . '</strong>';
361
 
362
  $file = new ngg_Thumbnail($image->imagePath, TRUE);
363
 
@@ -377,7 +377,7 @@ class nggAdmin{
377
  $file->destruct();
378
  } else {
379
  $file->destruct();
380
- return ' <strong>' . $image->filename . ' (Error : ' . $file->errmsg . ')</strong>';
381
  }
382
 
383
  return '1';
@@ -405,7 +405,7 @@ class nggAdmin{
405
  return __('Object didn\'t contain correct data','nggallery');
406
 
407
  if (!is_writable($image->imagePath))
408
- return ' <strong>' . $image->filename . __(' is not writeable','nggallery') . '</strong>';
409
 
410
  // if you didn't define a rotation, we look for the orientation flag in EXIF
411
  if ( $dir === false ) {
@@ -475,7 +475,7 @@ class nggAdmin{
475
  $file->destruct();
476
 
477
  if ( !empty($file->errmsg) )
478
- return ' <strong>' . $image->filename . ' (Error : '.$file->errmsg .')</strong>';
479
 
480
  return '1';
481
 
@@ -505,7 +505,7 @@ class nggAdmin{
505
  nggAdmin::maybe_import_meta( $image->pid );
506
 
507
  if (!is_writable($image->imagePath))
508
- return ' <strong>' . $image->filename . __(' is not writeable','nggallery') . '</strong>';
509
 
510
  $file = new ngg_Thumbnail( $image->imagePath, TRUE );
511
 
@@ -531,7 +531,7 @@ class nggAdmin{
531
  $file->destruct();
532
 
533
  if ( !empty($file->errmsg) )
534
- return ' <strong>' . $image->filename . ' (Error : '.$file->errmsg .')</strong>';
535
 
536
  return '1';
537
  }
@@ -556,7 +556,7 @@ class nggAdmin{
556
  return __('Object didn\'t contain correct data','nggallery');
557
 
558
  if (!is_writable( $image->imagePath ))
559
- return ' <strong>' . $image->filename . __(' is not writeable','nggallery') . '</strong>';
560
 
561
  if (!file_exists( $image->imagePath . '_backup' )) {
562
  return ' <strong>'.__('File do not exists','nggallery').'</strong>';
@@ -679,14 +679,14 @@ class nggAdmin{
679
  WHERE pid = %d", $alttext, $description, $timestamp, $image->pid) );
680
 
681
  if ($result === false)
682
- return ' <strong>' . $image->filename . ' ' . __('(Error : Couldn\'t not update data base)', 'nggallery') . '</strong>';
683
 
684
  //this flag will inform us that the import is already one time performed
685
  $meta['common']['saved'] = true;
686
  $result = nggdb::update_image_meta($image->pid, $meta['common']);
687
 
688
  if ($result === false)
689
- return ' <strong>' . $image->filename . ' ' . __('(Error : Couldn\'t not update meta data)', 'nggallery') . '</strong>';
690
 
691
  // add the tags if we found some
692
  if ($meta['keywords']) {
@@ -695,7 +695,7 @@ class nggAdmin{
695
  }
696
 
697
  } else
698
- return ' <strong>' . $image->filename . ' ' . __('(Error : Couldn\'t not find image)', 'nggallery') . '</strong>';// error check
699
  }
700
 
701
  return '1';
@@ -797,6 +797,9 @@ class nggAdmin{
797
  $p_header['filename'] = substr ( $p_header['filename'], 0, strpos($p_header['filename'], chr(0) ));
798
  // check for extension
799
  $info = pathinfo($p_header['filename']);
 
 
 
800
  // check for extension
801
  $ext = apply_filters('ngg_allowed_file_types', array('jpeg', 'jpg', 'png', 'gif') );
802
  if ( in_array( strtolower($info['extension']), $ext) ) {
@@ -866,7 +869,7 @@ class nggAdmin{
866
  // check if file is a zip file
867
  if ( !preg_match('/(zip|download|octet-stream)/i', $_FILES['zipfile']['type']) ) {
868
  @unlink($temp_zipfile); // del temp file
869
- nggGallery::show_error(__('Uploaded file was no or a faulty zip file ! The server recognized : ','nggallery').$_FILES['zipfile']['type']);
870
  return false;
871
  }
872
  }
@@ -894,12 +897,12 @@ class nggAdmin{
894
  if (!is_dir($newfolder)) {
895
  // create new directories
896
  if (!wp_mkdir_p ($newfolder)) {
897
- $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?', 'nggallery'), $newfolder);
898
  nggGallery::show_error($message);
899
  return false;
900
  }
901
  if (!wp_mkdir_p ($newfolder . '/thumbs')) {
902
- nggGallery::show_error(__('Unable to create directory ', 'nggallery') . $newfolder . '/thumbs !');
903
  return false;
904
  }
905
  }
@@ -972,7 +975,7 @@ class nggAdmin{
972
  // check for allowed extension and if it's an image file
973
  $ext = array('jpg', 'png', 'gif');
974
  if ( !in_array($filepart['extension'], $ext) || !@getimagesize($temp_file) ){
975
- nggGallery::show_error('<strong>' . $imagefiles['name'][$key] . ' </strong>' . __('is no valid image file!','nggallery'));
976
  continue;
977
  }
978
 
@@ -986,14 +989,14 @@ class nggAdmin{
986
 
987
  //check for folder permission
988
  if ( !is_writeable($gallery->abspath) ) {
989
- $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), $gallery->abspath);
990
  nggGallery::show_error($message);
991
  return;
992
  }
993
 
994
  // save temp file to gallery
995
  if ( !@move_uploaded_file($temp_file, $dest_file) ){
996
- nggGallery::show_error(__('Error, the file could not be moved to : ','nggallery') . $dest_file);
997
  nggAdmin::check_safemode( $gallery->abspath );
998
  continue;
999
  }
@@ -1059,7 +1062,7 @@ class nggAdmin{
1059
  // check for allowed extension
1060
  $ext = apply_filters('ngg_allowed_file_types', array('jpeg', 'jpg', 'png', 'gif') );
1061
  if (!in_array( strtolower( $filepart['extension'] ), $ext))
1062
- return $_FILES[$key]['name'] . __('is no valid image file!', 'nggallery');
1063
 
1064
  // get the path to the gallery
1065
  $gallery = $nggdb->find_gallery( (int) $galleryID );
@@ -1082,7 +1085,7 @@ class nggAdmin{
1082
  // save temp file to gallery
1083
  if ( !@move_uploaded_file($_FILES["Filedata"]['tmp_name'], $dest_file) ){
1084
  nggAdmin::check_safemode(WINABSPATH . $gallery->path);
1085
- return __('Error, the file could not be moved to : ','nggallery').$dest_file;
1086
  }
1087
 
1088
  if ( !nggAdmin::chmod($dest_file) )
@@ -1124,7 +1127,7 @@ class nggAdmin{
1124
  $folder_uid = fileowner($foldername);
1125
 
1126
  if ($script_uid != $folder_uid) {
1127
- $message = sprintf(__('SAFE MODE Restriction in effect! You need to create the folder <strong>%s</strong> manually','nggallery'), $foldername);
1128
  $message .= '<br />' . sprintf(__('When safe_mode is on, PHP checks to see if the owner (%s) of the current script matches the owner (%s) of the file to be operated on by a file function or its directory','nggallery'), $script_uid, $folder_uid );
1129
  nggGallery::show_error($message);
1130
  return false;
@@ -1184,7 +1187,7 @@ class nggAdmin{
1184
 
1185
  // Check for folder permission
1186
  if ( !is_writeable( $dest_abspath ) ) {
1187
- $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), $dest_abspath );
1188
  nggGallery::show_error($message);
1189
  return;
1190
  }
@@ -1210,7 +1213,7 @@ class nggAdmin{
1210
  // Move files
1211
  if ( !@rename($image->imagePath, $destination_path) ) {
1212
  $errors .= sprintf(__('Failed to move image %1$s to %2$s','nggallery'),
1213
- '<strong>' . $image->filename . '</strong>', $destination_path) . '<br />';
1214
  continue;
1215
  }
1216
 
@@ -1228,7 +1231,7 @@ class nggAdmin{
1228
  if ( $errors != '' )
1229
  nggGallery::show_error($errors);
1230
 
1231
- $link = '<a href="' . admin_url() . 'admin.php?page=nggallery-manage-gallery&mode=edit&gid=' . $destination->gid . '" >' . $destination->title . '</a>';
1232
  $messages = sprintf(__('Moved %1$s picture(s) to gallery : %2$s .','nggallery'), $count, $link);
1233
  nggGallery::show_message($messages);
1234
 
@@ -1261,7 +1264,7 @@ class nggAdmin{
1261
 
1262
  // Check for folder permission
1263
  if (!is_writeable(WINABSPATH.$destination->path)) {
1264
- $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), WINABSPATH.$destination->path);
1265
  nggGallery::show_error($message);
1266
  return;
1267
  }
@@ -1289,7 +1292,7 @@ class nggAdmin{
1289
  // Copy files
1290
  if ( !@copy($image->imagePath, $destination_file_path) ) {
1291
  $errors .= sprintf(__('Failed to copy image %1$s to %2$s','nggallery'),
1292
- $image->filename, $destination_file_path) . '<br />';
1293
  continue;
1294
  }
1295
 
@@ -1315,17 +1318,17 @@ class nggAdmin{
1315
 
1316
  if ( $tmp_prefix != '' ) {
1317
  $messages .= sprintf(__('Image %1$s (%2$s) copied as image %3$s (%4$s) &raquo; The file already existed in the destination gallery.','nggallery'),
1318
- $image->pid, $image->filename, $new_pid, $destination_file_name) . '<br />';
1319
  } else {
1320
  $messages .= sprintf(__('Image %1$s (%2$s) copied as image %3$s (%4$s)','nggallery'),
1321
- $image->pid, $image->filename, $new_pid, $destination_file_name) . '<br />';
1322
  }
1323
 
1324
  }
1325
 
1326
  // Finish by showing errors or success
1327
  if ( $errors == '' ) {
1328
- $link = '<a href="' . admin_url() . 'admin.php?page=nggallery-manage-gallery&mode=edit&gid=' . $destination->gid . '" >' . $destination->title . '</a>';
1329
  $messages .= '<hr />' . sprintf(__('Copied %1$s picture(s) to gallery: %2$s .','nggallery'), count($images), $link);
1330
  }
1331
 
43
  // check for main folder
44
  if ( !is_dir($nggRoot) ) {
45
  if ( !wp_mkdir_p( $nggRoot ) ) {
46
+ $txt = __('Directory', 'nggallery').' <strong>' . esc_html( $defaultpath ) . '</strong> '.__('didn\'t exist. Please create first the main gallery folder ', 'nggallery').'!<br />';
47
  $txt .= __('Check this link, if you didn\'t know how to set the permission :', 'nggallery').' <a href="http://codex.wordpress.org/Changing_File_Permissions">http://codex.wordpress.org/Changing_File_Permissions</a> ';
48
  if ($output) nggGallery::show_error($txt);
49
  return false;
52
 
53
  // check for permission settings, Safe mode limitations are not taken into account.
54
  if ( !is_writeable( $nggRoot ) ) {
55
+ $txt = __('Directory', 'nggallery').' <strong>' . esc_html( $defaultpath ) . '</strong> '.__('is not writeable !', 'nggallery').'<br />';
56
  $txt .= __('Check this link, if you didn\'t know how to set the permission :', 'nggallery').' <a href="http://codex.wordpress.org/Changing_File_Permissions">http://codex.wordpress.org/Changing_File_Permissions</a> ';
57
  if ($output) nggGallery::show_error($txt);
58
  return false;
73
 
74
  // 2. Create new gallery folder
75
  if ( !wp_mkdir_p (WINABSPATH . $nggpath) )
76
+ $txt = __('Unable to create directory ', 'nggallery') . esc_html( $nggpath ) . '!<br />';
77
 
78
  // 3. Check folder permission
79
  if ( !is_writeable(WINABSPATH . $nggpath ) )
80
+ $txt .= __('Directory', 'nggallery').' <strong>' . esc_html( $nggpath ) . '</strong> '.__('is not writeable !', 'nggallery').'<br />';
81
 
82
  // 4. Now create thumbnail folder inside
83
  if ( !is_dir(WINABSPATH . $nggpath . '/thumbs') ) {
84
  if ( !wp_mkdir_p ( WINABSPATH . $nggpath . '/thumbs') )
85
+ $txt .= __('Unable to create directory ', 'nggallery').' <strong>' . esc_html( $nggpath ) . '/thumbs !</strong>';
86
  }
87
 
88
  if (SAFE_MODE) {
89
  $help = __('The server setting Safe-Mode is on !', 'nggallery');
90
+ $help .= '<br />'.__('If you have problems, please create directory', 'nggallery').' <strong>' . esc_html( $nggpath ) . '</strong> ';
91
+ $help .= __('and the thumbnails directory', 'nggallery').' <strong>' . esc_html( $nggpath ) . '/thumbs</strong> '.__('with permission 777 manually !', 'nggallery');
92
  if ($output) nggGallery::show_message($help);
93
  }
94
 
146
  $gallerypath = WINABSPATH . $galleryfolder;
147
 
148
  if (!is_dir($gallerypath)) {
149
+ nggGallery::show_error(__('Directory', 'nggallery').' <strong>' . esc_html( $gallerypath ) .'</strong> '.__('doesn&#96;t exist!', 'nggallery'));
150
  return ;
151
  }
152
 
154
  $new_imageslist = nggAdmin::scandir($gallerypath);
155
 
156
  if (empty($new_imageslist)) {
157
+ nggGallery::show_message(__('Directory', 'nggallery').' <strong>' . esc_html( $gallerypath ) . '</strong> '.__('contains no pictures', 'nggallery'));
158
  return;
159
  }
160
 
176
  nggGallery::show_error(__('Database error. Could not add gallery!','nggallery'));
177
  return;
178
  }
179
+ $created_msg = _n( 'Gallery', 'Galleries', 1, 'nggallery' ) . ' <strong>' . esc_html( $galleryname ) . '</strong> ' . __('successfully created!','nggallery') . '<br />';
180
  }
181
 
182
  // Look for existing image list
275
  // check for existing thumbnail
276
  if (file_exists($image->thumbPath))
277
  if (!is_writable($image->thumbPath))
278
+ return esc_html( $image->filename ) . __(' is not writeable ','nggallery');
279
 
280
  $thumb = new ngg_Thumbnail($image->imagePath, TRUE);
281
 
321
  $thumb->destruct();
322
 
323
  if ( !empty($thumb->errmsg) )
324
+ return ' <strong>' . esc_html( $image->filename ) . ' (Error : '.$thumb->errmsg .')</strong>';
325
 
326
  // success
327
  return '1';
357
  $height = ($height == 0) ? $ngg->options['imgHeight'] : $height;
358
 
359
  if (!is_writable($image->imagePath))
360
+ return ' <strong>' . esc_html( $image->filename ) . __(' is not writeable','nggallery') . '</strong>';
361
 
362
  $file = new ngg_Thumbnail($image->imagePath, TRUE);
363
 
377
  $file->destruct();
378
  } else {
379
  $file->destruct();
380
+ return ' <strong>' . esc_html( $image->filename ) . ' (Error : ' . $file->errmsg . ')</strong>';
381
  }
382
 
383
  return '1';
405
  return __('Object didn\'t contain correct data','nggallery');
406
 
407
  if (!is_writable($image->imagePath))
408
+ return ' <strong>' . esc_html( $image->filename ) . __(' is not writeable','nggallery') . '</strong>';
409
 
410
  // if you didn't define a rotation, we look for the orientation flag in EXIF
411
  if ( $dir === false ) {
475
  $file->destruct();
476
 
477
  if ( !empty($file->errmsg) )
478
+ return ' <strong>' . esc_html( $image->filename ) . ' (Error : '.$file->errmsg .')</strong>';
479
 
480
  return '1';
481
 
505
  nggAdmin::maybe_import_meta( $image->pid );
506
 
507
  if (!is_writable($image->imagePath))
508
+ return ' <strong>' . esc_html( $image->filename ) . __(' is not writeable','nggallery') . '</strong>';
509
 
510
  $file = new ngg_Thumbnail( $image->imagePath, TRUE );
511
 
531
  $file->destruct();
532
 
533
  if ( !empty($file->errmsg) )
534
+ return ' <strong>' . esc_html( $image->filename ) . ' (Error : '.$file->errmsg .')</strong>';
535
 
536
  return '1';
537
  }
556
  return __('Object didn\'t contain correct data','nggallery');
557
 
558
  if (!is_writable( $image->imagePath ))
559
+ return ' <strong>' . esc_html( $image->filename ) . __(' is not writeable','nggallery') . '</strong>';
560
 
561
  if (!file_exists( $image->imagePath . '_backup' )) {
562
  return ' <strong>'.__('File do not exists','nggallery').'</strong>';
679
  WHERE pid = %d", $alttext, $description, $timestamp, $image->pid) );
680
 
681
  if ($result === false)
682
+ return ' <strong>' . esc_html( $image->filename ) . ' ' . __('(Error : Couldn\'t not update data base)', 'nggallery') . '</strong>';
683
 
684
  //this flag will inform us that the import is already one time performed
685
  $meta['common']['saved'] = true;
686
  $result = nggdb::update_image_meta($image->pid, $meta['common']);
687
 
688
  if ($result === false)
689
+ return ' <strong>' . esc_html( $image->filename ) . ' ' . __('(Error : Couldn\'t not update meta data)', 'nggallery') . '</strong>';
690
 
691
  // add the tags if we found some
692
  if ($meta['keywords']) {
695
  }
696
 
697
  } else
698
+ return ' <strong>' . esc_html( $image->filename ) . ' ' . __('(Error : Couldn\'t not find image)', 'nggallery') . '</strong>';// error check
699
  }
700
 
701
  return '1';
797
  $p_header['filename'] = substr ( $p_header['filename'], 0, strpos($p_header['filename'], chr(0) ));
798
  // check for extension
799
  $info = pathinfo($p_header['filename']);
800
+ // sanitize the file name before we do further processing
801
+ $info['basename'] = sanitize_file_name( $info['basename'] );
802
+ $p_header['filename'] = $info['dirname'] . '/' . $info['basename'];
803
  // check for extension
804
  $ext = apply_filters('ngg_allowed_file_types', array('jpeg', 'jpg', 'png', 'gif') );
805
  if ( in_array( strtolower($info['extension']), $ext) ) {
869
  // check if file is a zip file
870
  if ( !preg_match('/(zip|download|octet-stream)/i', $_FILES['zipfile']['type']) ) {
871
  @unlink($temp_zipfile); // del temp file
872
+ nggGallery::show_error(__('Uploaded file was no or a faulty zip file ! The server recognized : ','nggallery') . $_FILES['zipfile']['type']);
873
  return false;
874
  }
875
  }
897
  if (!is_dir($newfolder)) {
898
  // create new directories
899
  if (!wp_mkdir_p ($newfolder)) {
900
+ $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?', 'nggallery'), esc_html( $newfolder ) );
901
  nggGallery::show_error($message);
902
  return false;
903
  }
904
  if (!wp_mkdir_p ($newfolder . '/thumbs')) {
905
+ nggGallery::show_error(__('Unable to create directory ', 'nggallery') . esc_html( $newfolder ). '/thumbs !');
906
  return false;
907
  }
908
  }
975
  // check for allowed extension and if it's an image file
976
  $ext = array('jpg', 'png', 'gif');
977
  if ( !in_array($filepart['extension'], $ext) || !@getimagesize($temp_file) ){
978
+ nggGallery::show_error('<strong>' . esc_html( $imagefiles['name'][$key] ) . ' </strong>' . __('is no valid image file!','nggallery'));
979
  continue;
980
  }
981
 
989
 
990
  //check for folder permission
991
  if ( !is_writeable($gallery->abspath) ) {
992
+ $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), esc_html($gallery->abspath) );
993
  nggGallery::show_error($message);
994
  return;
995
  }
996
 
997
  // save temp file to gallery
998
  if ( !@move_uploaded_file($temp_file, $dest_file) ){
999
+ nggGallery::show_error(__('Error, the file could not be moved to : ','nggallery') . esc_html( $dest_file ) );
1000
  nggAdmin::check_safemode( $gallery->abspath );
1001
  continue;
1002
  }
1062
  // check for allowed extension
1063
  $ext = apply_filters('ngg_allowed_file_types', array('jpeg', 'jpg', 'png', 'gif') );
1064
  if (!in_array( strtolower( $filepart['extension'] ), $ext))
1065
+ return esc_html( $_FILES[$key]['name'] ) . __('is no valid image file!', 'nggallery');
1066
 
1067
  // get the path to the gallery
1068
  $gallery = $nggdb->find_gallery( (int) $galleryID );
1085
  // save temp file to gallery
1086
  if ( !@move_uploaded_file($_FILES["Filedata"]['tmp_name'], $dest_file) ){
1087
  nggAdmin::check_safemode(WINABSPATH . $gallery->path);
1088
+ return __('Error, the file could not be moved to : ','nggallery'). esc_html( $dest_file );
1089
  }
1090
 
1091
  if ( !nggAdmin::chmod($dest_file) )
1127
  $folder_uid = fileowner($foldername);
1128
 
1129
  if ($script_uid != $folder_uid) {
1130
+ $message = sprintf(__('SAFE MODE Restriction in effect! You need to create the folder <strong>%s</strong> manually','nggallery'), esc_html( $foldername ) );
1131
  $message .= '<br />' . sprintf(__('When safe_mode is on, PHP checks to see if the owner (%s) of the current script matches the owner (%s) of the file to be operated on by a file function or its directory','nggallery'), $script_uid, $folder_uid );
1132
  nggGallery::show_error($message);
1133
  return false;
1187
 
1188
  // Check for folder permission
1189
  if ( !is_writeable( $dest_abspath ) ) {
1190
+ $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), esc_html( $dest_abspath ) );
1191
  nggGallery::show_error($message);
1192
  return;
1193
  }
1213
  // Move files
1214
  if ( !@rename($image->imagePath, $destination_path) ) {
1215
  $errors .= sprintf(__('Failed to move image %1$s to %2$s','nggallery'),
1216
+ '<strong>' . esc_html( $image->filename ) . '</strong>', esc_html( $destination_path ) ) . '<br />';
1217
  continue;
1218
  }
1219
 
1231
  if ( $errors != '' )
1232
  nggGallery::show_error($errors);
1233
 
1234
+ $link = '<a href="' . admin_url() . 'admin.php?page=nggallery-manage-gallery&mode=edit&gid=' . $destination->gid . '" >' . esc_html( $destination->title ) . '</a>';
1235
  $messages = sprintf(__('Moved %1$s picture(s) to gallery : %2$s .','nggallery'), $count, $link);
1236
  nggGallery::show_message($messages);
1237
 
1264
 
1265
  // Check for folder permission
1266
  if (!is_writeable(WINABSPATH.$destination->path)) {
1267
+ $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), esc_html( WINABSPATH.$destination->path) );
1268
  nggGallery::show_error($message);
1269
  return;
1270
  }
1292
  // Copy files
1293
  if ( !@copy($image->imagePath, $destination_file_path) ) {
1294
  $errors .= sprintf(__('Failed to copy image %1$s to %2$s','nggallery'),
1295
+ esc_html( $image->filename ), esc_html( $destination_file_path) ) . '<br />';
1296
  continue;
1297
  }
1298
 
1318
 
1319
  if ( $tmp_prefix != '' ) {
1320
  $messages .= sprintf(__('Image %1$s (%2$s) copied as image %3$s (%4$s) &raquo; The file already existed in the destination gallery.','nggallery'),
1321
+ $image->pid, esc_html($image->filename), $new_pid, esc_html($destination_file_name) ) . '<br />';
1322
  } else {
1323
  $messages .= sprintf(__('Image %1$s (%2$s) copied as image %3$s (%4$s)','nggallery'),
1324
+ $image->pid, esc_html($image->filename), $new_pid, esc_html($destination_file_name) ) . '<br />';
1325
  }
1326
 
1327
  }
1328
 
1329
  // Finish by showing errors or success
1330
  if ( $errors == '' ) {
1331
+ $link = '<a href="' . admin_url() . 'admin.php?page=nggallery-manage-gallery&mode=edit&gid=' . $destination->gid . '" >' . esc_html($destination->title) . '</a>';
1332
  $messages .= '<hr />' . sprintf(__('Copied %1$s picture(s) to gallery: %2$s .','nggallery'), count($images), $link);
1333
  }
1334
 
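--- a/admin/js/ngg.autocomplete.js
+++ b/admin/js/ngg.autocomplete.js
@@ -1,7 +1,7 @@
  /*
  * Implementation of jQuery UI Autocomplete
  * see http://jqueryui.com/demos/autocomplete/
- * Version: 1.0.0
+ * Version: 1.0.1
  * Author : Alex Rabe
  */
  jQuery.fn.nggAutocomplete = function ( args ) {
@@ -25,7 +25,11 @@ jQuery.fn.nggAutocomplete = function ( args ) {
  // get current value of drop down field
  var c_text = jQuery(obj + ' :selected').text();
  var c_val = jQuery(obj).val();
- var c_width= jQuery(obj).css('width');
+ // IE7 / IE 8 didnt get often the correct width
+ if (s.width == undefined)
+ var c_width = jQuery(this).width();
+ else
+ var c_width = s.width;
  //hide first the drop down field
  jQuery(obj).hide();
  jQuery(obj).after('<input name="' + id + '_ac" type="text" id="' + id + '_ac"/>');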
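Review bot: The width fallback added in the second hunk changes the type of `c_width`: the removed `jQuery(obj).css('width')` returned a string with its unit, while `jQuery(this).width()` returns a bare number, and the code that consumes `c_width` is outside the hunk, so it should be confirmed that it still produces a valid width. The new branch also measures `this` while every neighbouring line works on `obj`; whether both refer to the same element is not visible here. The two `var c_width` declarations in the branches can be one statement, `var c_width = (s.width == undefined) ? jQuery(this).width() : s.width;`. The body of nggAutocomplete continues outside the hunk.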
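--- a/admin/manage-galleries.php
+++ b/admin/manage-galleries.php
@@ -8,8 +8,7 @@ function nggallery_manage_gallery_main() {
  global $ngg, $nggdb, $wp_query;
 
  //Build the pagination for more than 25 galleries
- if ( ! isset( $_GET['paged'] ) || $_GET['paged'] < 1 )
- $_GET['paged'] = 1;
+ $_GET['paged'] = isset($_GET['paged']) && ($_GET['paged'] > 0) ? absint($_GET['paged']) : 1;
 
  $items_per_page = 25;
 
@@ -218,10 +217,10 @@ if($gallerylist) {
  <td class="title column-title">
  <?php if (nggAdmin::can_manage_this_gallery($gallery->author)) { ?>
  <a href="<?php echo wp_nonce_url( $ngg->manage_page->base_page . '&amp;mode=edit&amp;gid=' . $gid, 'ngg_editgallery')?>" class='edit' title="<?php _e('Edit'); ?>" >
- <?php echo nggGallery::i18n($name); ?>
+ <?php echo esc_html( nggGallery::i18n($name) ); ?>
  </a>
  <?php } else { ?>
- <?php echo nggGallery::i18n($gallery->title); ?>
+ <?php echo esc_html( nggGallery::i18n($gallery->title) ); ?>
  <?php } ?>
  <div class="row-actions"></div>
  </td>
@@ -229,12 +228,12 @@ if($gallerylist) {
  break;
  case 'description' :
  ?>
- <td <?php echo $attributes ?>><?php echo nggGallery::i18n($gallery->galdesc); ?>&nbsp;</td>
+ <td <?php echo $attributes ?>><?php echo esc_html( nggGallery::i18n($gallery->galdesc) ); ?>&nbsp;</td>
  <?php
  break;
  case 'author' :
  ?>
- <td <?php echo $attributes ?>><?php echo $author_user->display_name; ?></td>
+ <td <?php echo $attributes ?>><?php echo esc_html( $author_user->display_name ); ?></td>
  <?php
  break;
  case 'page_id' :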
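Review bot: The new pagination line in the first hunk can still leave `$_GET['paged']` at 0, because the guard tests the raw request value with `> 0` and `absint()` truncates it only afterwards, so a value such as `0.5` passes the test and becomes 0. The code that consumes the page number is outside this hunk, but a page of 0 normally turns into a negative offset. Clamp after the conversion instead: `$_GET['paged'] = isset($_GET['paged']) ? max( 1, absint($_GET['paged']) ) : 1;`. The identical line is added in admin/manage-images.php, where `$start = ( $_GET['paged'] - 1 ) * 50;` follows it directly, and admin/manage.php assigns `absint( $_POST['post_paged'] )` with no lower bound.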
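--- a/admin/manage-images.php
+++ b/admin/manage-images.php
@@ -42,8 +42,7 @@ function nggallery_picturelist() {
  }
 
  // look for pagination
- if ( ! isset( $_GET['paged'] ) || $_GET['paged'] < 1 )
- $_GET['paged'] = 1;
+ $_GET['paged'] = isset($_GET['paged']) && ($_GET['paged'] > 0) ? absint($_GET['paged']) : 1;
 
  $start = ( $_GET['paged'] - 1 ) * 50;
 
@@ -236,7 +235,7 @@ jQuery(document).ready( function() {
  <input type="hidden" name="page" value="manage-images" />
 
  <?php else :?>
- <h2><?php echo _n( 'Gallery', 'Galleries', 1, 'nggallery' ); ?> : <?php echo nggGallery::i18n($gallery->title); ?></h2>
+ <h2><?php echo _n( 'Gallery', 'Galleries', 1, 'nggallery' ); ?> : <?php echo esc_html ( nggGallery::i18n($gallery->title) ); ?></h2>
 
  <br style="clear: both;" />
 
@@ -275,14 +274,14 @@ jQuery(document).ready( function() {
  if ( !array_key_exists ($gallery->previewpic, $picturelist )){
  $previewpic = $nggdb->find_image($gallery->previewpic);
  if ($previewpic)
- echo '<option value="'.$previewpic->pid.'" selected="selected" >'.$previewpic->pid.' - '.$previewpic->filename.'</option>'."\n";
+ echo '<option value="'.$previewpic->pid.'" selected="selected" >'.$previewpic->pid.' - ' . esc_attr( $previewpic->filename ) . '</option>'."\n";
  }
  }
  if(is_array($picturelist)) {
  foreach($picturelist as $picture) {
  if ($picture->exclude) continue;
  $selected = ($picture->pid == $gallery->previewpic) ? 'selected="selected" ' : '';
- echo '<option value="'.$picture->pid.'" '.$selected.'>'.$picture->pid.' - '.$picture->filename.'</option>'."\n";
+ echo '<option value="'.$picture->pid.'" '.$selected.'>'.$picture->pid.' - ' . esc_attr( $picture->filename ) . '</option>'."\n";
  }
  }
  ?>
@@ -426,8 +425,8 @@ if($picturelist) {
  $attributes = 'class="title column-filename column-title"' . $style;
  ?>
  <td <?php echo $attributes ?>>
- <strong><a href="<?php echo $picture->imageURL; ?>" class="thickbox" title="<?php echo $picture->filename ?>">
- <?php echo ( empty($picture->alttext) ) ? $picture->filename : stripslashes(nggGallery::i18n($picture->alttext)); ?>
+ <strong><a href="<?php echo esc_url( $picture->imageURL ); ?>" class="thickbox" title="<?php echo esc_attr ($picture->filename); ?>">
+ <?php echo ( empty($picture->alttext) ) ? esc_html( $picture->filename ) : esc_html( stripslashes(nggGallery::i18n($picture->alttext)) ); ?>
  </a></strong>
  <br /><?php echo $date; ?>
  <?php if ( !empty($picture->meta_data) ): ?>
@@ -437,7 +436,7 @@ if($picturelist) {
  <p>
  <?php
  $actions = array();
- $actions['view'] = '<a class="shutter" href="' . $picture->imageURL . '" title="' . esc_attr(sprintf(__('View "%s"'), $picture->filename)) . '">' . __('View', 'nggallery') . '</a>';
+ $actions['view'] = '<a class="shutter" href="' . esc_url( $picture->imageURL ) . '" title="' . esc_attr( sprintf(__('View "%s"'), sanitize_title ($picture->filename) )) . '">' . __('View', 'nggallery') . '</a>';
  $actions['meta'] = '<a class="ngg-dialog" href="' . NGGALLERY_URLPATH . 'admin/showmeta.php?id=' . $pid . '" title="' . __('Show Meta data','nggallery') . '">' . __('Meta', 'nggallery') . '</a>';
  $actions['custom_thumb'] = '<a class="ngg-dialog" href="' . NGGALLERY_URLPATH . 'admin/edit-thumbnail.php?id=' . $pid . '" title="' . __('Customize thumbnail','nggallery') . '">' . __('Edit thumb', 'nggallery') . '</a>';
  $actions['rotate'] = '<a class="ngg-dialog" href="' . NGGALLERY_URLPATH . 'admin/rotate.php?id=' . $pid . '" title="' . __('Rotate','nggallery') . '">' . __('Rotate', 'nggallery') . '</a>';
@@ -462,8 +461,8 @@ if($picturelist) {
  case 'thumbnail' :
  $attributes = 'class="id column-thumbnail media-icon"' . $style;
  ?>
- <td <?php echo $attributes ?>><a href="<?php echo add_query_arg('i', mt_rand(), $picture->imageURL); ?>" class="shutter" title="<?php echo $picture->filename ?>">
- <img class="thumb" src="<?php echo add_query_arg('i', mt_rand(), $picture->thumbURL); ?>" id="thumb<?php echo $pid ?>" />
+ <td <?php echo $attributes ?>><a href="<?php echo esc_url ( add_query_arg('i', mt_rand(), $picture->imageURL) ); ?>" class="shutter" title="<?php echo $picture->filename ?>">
+ <img class="thumb" src="<?php echo esc_url ( add_query_arg('i', mt_rand(), $picture->thumbURL) ); ?>" id="thumb<?php echo $pid ?>" />
  </a>
  </td>
  <?php
@@ -556,7 +555,7 @@ if ( $counter == 0 )
  foreach ($gallerylist as $gallery) {
  if ($gallery->gid != $act_gid) {
  ?>
- <option value="<?php echo $gallery->gid; ?>" ><?php echo $gallery->gid; ?> - <?php echo stripslashes($gallery->title); ?></option>
+ <option value="<?php echo $gallery->gid; ?>" ><?php echo $gallery->gid; ?> - <?php echo esc_attr( stripslashes($gallery->title) ); ?></option>
  <?php
  }
  }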
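Review bot: In the thumbnail-column hunk the rewritten `<td>` line wraps the link in `esc_url()` but still prints `title="<?php echo $picture->filename ?>"` raw, so the file name reaches an HTML attribute unescaped in the same release that escapes it everywhere else. Use `title="<?php echo esc_attr( $picture->filename ); ?>"`, as the filename-column hunk above it already does. Separately, the three `<option>` lines escape element text with `esc_attr()`, where `esc_html()` is the function that names that context. The `View` action also passes the name through `sanitize_title()`, which rewrites the displayed name rather than escaping it; the surrounding `esc_attr()` is sufficient on its own.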
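--- a/admin/manage-sort.php
+++ b/admin/manage-sort.php
@@ -2,7 +2,7 @@
 
  /**
  * @author Alex Rabe
- * @copyright 2008-2010
+ * @copyright 2008-2011
  */
 
  function nggallery_sortorder($galleryID = 0){
@@ -66,7 +66,7 @@ function nggallery_sortorder($galleryID = 0){
  <input class="button-primary action" type="submit" name="updateSortorder" onclick="saveImageOrder()" value="<?php _e('Update Sort Order', 'nggallery') ?>" />
  </div>
  <div class="alignright actions">
- <a href="<?php echo $back_url; ?>" class="button"><?php _e('Back to gallery', 'nggallery'); ?></a>
+ <a href="<?php echo esc_url( $back_url ); ?>" class="button"><?php _e('Back to gallery', 'nggallery'); ?></a>
  </div>
  </div>
  <input name="sortorder" type="hidden" />
@@ -87,8 +87,8 @@ function nggallery_sortorder($galleryID = 0){
  foreach($picturelist as $picture) {
  ?>
  <div class="imageBox" id="pid-<?php echo $picture->pid ?>">
- <div class="imageBox_theImage" style="background-image:url('<?php echo $picture->thumbURL; ?>')"></div>
- <div class="imageBox_label"><span><?php echo stripslashes($picture->alttext) ?></span></div>
+ <div class="imageBox_theImage" style="background-image:url('<?php echo esc_url( $picture->thumbURL ); ?>')"></div>
+ <div class="imageBox_label"><span><?php echo esc_html( stripslashes($picture->alttext) ); ?></span></div>
  </div>
  <?php
  }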
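Review bot: In the third hunk `esc_url()` is applied inside a CSS `url('…')` value in a `style` attribute, which is not the context it is written for. As far as I know `esc_url()` emits an apostrophe in the URL as the entity `&#039;`, and the browser decodes that entity before the style value is parsed as CSS, so the quote would still close the CSS string. Either percent-encode the CSS-significant characters first, `esc_url( str_replace( array( "'", '(', ')' ), array( '%27', '%28', '%29' ), $picture->thumbURL ) )`, or render the thumbnail as an `<img src>` where `esc_url()` matches the context. How thumbURL is built is outside this hunk, so whether such characters can occur there should be confirmed.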
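--- a/admin/manage.php
+++ b/admin/manage.php
@@ -23,7 +23,7 @@ class nggManageGallery {
  // Check for pagination request, avoid post process of other submit button, exclude search results
  if ( isset($_POST['post_paged']) && !isset($_GET['s'] ) ) {
  if ( $_GET['paged'] != $_POST['post_paged'] ) {
- $_GET['paged'] = $_POST['post_paged'];
+ $_GET['paged'] = absint( $_POST['post_paged'] );
  return;
  }
  }
@@ -77,13 +77,12 @@ class nggManageGallery {
  @unlink($image->thumbPath);
  @unlink($image->imagePath . '_backup' );
  }
- $result = nggdb::delete_image ( $this->pid );
+ do_action('ngg_delete_picture', $this->pid);
+ $result = nggdb::delete_image ( $this->pid );
  }
 
- if ($result) {
+ if ($result)
  nggGallery::show_message( __('Picture','nggallery').' \''.$this->pid.'\' '.__('deleted successfully','nggallery') );
- do_action('ngg_delete_picture', $this->pid);
- }
 
  $this->mode = 'edit'; // show pictures
 
@@ -169,14 +168,12 @@ class nggManageGallery {
  @rmdir( WINABSPATH . $gallery->path );
  }
  }
-
+ do_action('ngg_delete_gallery', $id);
  $deleted = nggdb::delete_gallery( $id );
  }
 
- if($deleted) {
+ if($deleted)
  nggGallery::show_message(__('Gallery deleted successfully ', 'nggallery'));
- do_action('ngg_delete_gallery', $id);
- }
 
  }
  break;
@@ -265,6 +262,7 @@ class nggManageGallery {
  @unlink($image->thumbPath);
  @unlink($image->imagePath."_backup");
  }
+ do_action('ngg_delete_picture', $image->pid);
  $delete_pic = nggdb::delete_image( $image->pid );
  }
  }
@@ -438,6 +436,8 @@ class nggManageGallery {
  wp_cache_delete($this->gid, 'ngg_gallery');
  nggGallery::show_message( __('New gallery page ID','nggallery'). ' ' . $gallery_pageid . ' -> <strong>' . $gallery_title . '</strong> ' .__('created','nggallery') );
  }
+
+ do_action('ngg_gallery_addnewpage', $this->gid);
  }
  }
 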
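Review bot: The `ngg_delete_picture` and `ngg_delete_gallery` actions now fire before `nggdb::delete_image()` / `nggdb::delete_gallery()` run and no longer depend on `$result` / `$deleted`, so a listener is notified of a deletion that may then fail. In the single-picture and gallery hunks the `@unlink` / `@rmdir` context lines above have already run by then. If firing early is intended so that listeners can still load the record, state it next to the call, e.g. `// fired before the DB row is removed; listeners must not assume the delete succeeded`. The `if ($result)` and `if($deleted)` lines also lost their braces, which makes a second statement added under them easy to get wrong. The enclosing methods start and end outside these hunks.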
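--- a/admin/media-upload.php
+++ b/admin/media-upload.php
@@ -208,14 +208,14 @@ function media_upload_nextgen_form($errors) {
  <div class='filename'></div>
  <a class='toggle describe-toggle-on' href='#'><?php esc_attr( _e('Show', "nggallery") ); ?></a>
  <a class='toggle describe-toggle-off' href='#'><?php esc_attr( _e('Hide', "nggallery") );?></a>
- <div class='filename new'><?php echo ( empty($picture->alttext) ) ? wp_html_excerpt($picture->filename,60): stripslashes( wp_html_excerpt($picture->alttext,60) ); ?></div>
+ <div class='filename new'><?php echo ( empty($picture->alttext) ) ? wp_html_excerpt( esc_html( $picture->filename ),60) : stripslashes( wp_html_excerpt( esc_html( $picture->alttext ),60) ); ?></div>
  <table class='slidetoggle describe startclosed'><tbody>
  <tr>
  <td rowspan='4'><img class='thumbnail' alt='<?php echo esc_attr( $picture->alttext ); ?>' src='<?php echo esc_attr( $picture->thumbURL ); ?>'/></td>
- <td><?php esc_attr( _e('Image ID:', "nggallery") ); ?><?php echo $picid ?></td>
+ <td><?php esc_html( _e('Image ID:', "nggallery") ); ?><?php echo $picid ?></td>
  </tr>
- <tr><td><?php echo esc_attr( $picture->filename ); ?></td></tr>
- <tr><td><?php echo esc_attr( stripslashes($picture->alttext) ); ?></td></tr>
+ <tr><td><?php echo esc_html( $picture->filename ); ?></td></tr>
+ <tr><td><?php echo esc_html( stripslashes($picture->alttext) ); ?></td></tr>
  <tr><td>&nbsp;</td></tr>
  <tr>
  <td class="label"><label for="image[<?php echo $picid ?>][alttext]"><?php esc_attr_e('Alt/Title text', "nggallery") ;?></label></td>
@@ -252,8 +252,8 @@ function media_upload_nextgen_form($errors) {
  </tr>
  <tr class="submit">
  <td>
- <input type="hidden" name="image[<?php echo $picid ?>][thumb]" value="<?php echo $picture->thumbURL ?>" />
- <input type="hidden" name="image[<?php echo $picid ?>][url]" value="<?php echo $picture->imageURL ?>" />
+ <input type="hidden" name="image[<?php echo $picid ?>][thumb]" value="<?php echo esc_attr( $picture->thumbURL ); ?>" />
+ <input type="hidden" name="image[<?php echo $picid ?>][url]" value="<?php echo esc_attr( $picture->imageURL ); ?>" />
  </td>
  <td class="savesend">
  <?php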
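Review bot: In the first hunk `<?php esc_html( _e('Image ID:', "nggallery") ); ?>` escapes nothing, because `_e()` echoes the translation itself and returns no value, so `esc_html()` receives an empty argument and its result is discarded. Use `<?php esc_html_e('Image ID:', 'nggallery'); ?>`, matching the `esc_attr_e()` call a few lines further down; the two `esc_attr( _e(...) )` context lines for Show and Hide have the same problem. On the `filename new` line the value is escaped before `wp_html_excerpt()` truncates it, so the 60-character limit counts entity characters; `esc_html( wp_html_excerpt( $picture->filename, 60 ) )` escapes the text that is actually printed.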
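--- a/admin/publish.php
+++ b/admin/publish.php
@@ -1,14 +1,4 @@
  <?php
- /**
-
- Custom thumbnail for NGG
- Author : Simone Fumagalli | simone@iliveinperego.com
- More info and update : http://www.iliveinperego.com/rotate_for_ngg/
-
- Credits:
- NextGen Gallery : Alex Rabe | http://alexrabe.boelinger.com/wordpress-plugins/nextgen-gallery/
-
- **/
 
  require_once( dirname( dirname(__FILE__) ) . '/ngg-config.php');
  require_once( NGGALLERY_ABSPATH . '/lib/image.php' );
@@ -43,7 +33,7 @@ $align = empty ($ngg->options['publish_align']) ? 'none' : $ngg->options['publ
  <table width="100%" border="0" cellspacing="3" cellpadding="3" >
  <tr valign="top">
  <th align="left"><?php _e('Post title','nggallery') ?></th>
- <td><input type="text" size="70" name="post_title" value="<?php echo $picture->alttext; ?>" />
+ <td><input type="text" size="70" name="post_title" value="<?php echo esc_attr( $picture->alttext); ?>" />
  <br /><small><?php _e('Enter the post title ','nggallery') ?></small></td>
  </tr>
  <tr valign="top">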
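Review bot: The two translated labels in the second hunk are still printed with plain `_e()` (`_e('Post title','nggallery')` and `_e('Enter the post title ','nggallery')`), although the input value beside them is now escaped. admin/rotate.php in this same release moves its labels to `esc_html_e()`, so for consistency these could become `<?php esc_html_e('Post title','nggallery') ?>` and the matching call for the help text. Translation files are a lower-trust input than the plugin source, which is why escaping them at output is the safer habit.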
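--- a/admin/rotate.php
+++ b/admin/rotate.php
@@ -36,7 +36,7 @@ $thumb->resize(350,350);
  $resizedPreviewInfo = $thumb->newDimensions;
  $thumb->destruct();
 
- $preview_image = home_url() . '/' . 'index.php?callback=image&amp;pid=' . $picture->pid . '&amp;width=350&amp;height=350';
+ $preview_image = trailingslashit( home_url() ) . 'index.php?callback=image&amp;pid=' . $picture->pid . '&amp;width=350&amp;height=350';
 
  ?>
 
@@ -75,21 +75,20 @@ $preview_image = home_url() . '/' . 'index.php?callback=image&amp;pid=' . $pict
  <table width="98%" align="center" style="border:1px solid #DADADA">
  <tr style="height : 360px;">
  <td valign="middle" align="center" style="background-color:#DADADA; width : 370px;">
- <img src="<?php echo $preview_image ?>" alt="" id="imageToEdit" />
+ <img src="<?php echo esc_url( $preview_image ); ?>" alt="" id="imageToEdit" />
  </td>
  <td>
- <input type="radio" name="ra" value="cw" /><?php _e('90&deg; clockwise', 'nggallery'); ?><br />
- <input type="radio" name="ra" value="ccw" /><?php _e('90&deg; anticlockwise', 'nggallery'); ?><br />
- <input type="radio" name="ra" value="fv" /><?php _e('Flip vertically', 'nggallery'); ?><br />
- <input type="radio" name="ra" value="fh" /><?php _e('Flip horizontally', 'nggallery'); ?>
+ <input type="radio" name="ra" value="cw" /><?php esc_html_e('90&deg; clockwise', 'nggallery'); ?><br />
+ <input type="radio" name="ra" value="ccw" /><?php esc_html_e('90&deg; anticlockwise', 'nggallery'); ?><br />
+ <input type="radio" name="ra" value="fv" /><?php esc_html_e('Flip vertically', 'nggallery'); ?><br />
+ <input type="radio" name="ra" value="fh" /><?php esc_html_e('Flip horizontally', 'nggallery'); ?>
  </td>
  </tr>
  <tr style="background-color:#DADADA;">
 
  <td colspan="2">
- <input type="button" name="update" value="<?php _e('Update', 'nggallery'); ?>" onclick="rotateImage()" class="button-secondary" style="float:right; margin-left:4px;"/>
+ <input type="button" name="update" value="<?php esc_attr_e('Update', 'nggallery'); ?>" onclick="rotateImage()" class="button-secondary" style="float:right; margin-left:4px;"/>
  <div id="thumbMsg" style="color:#FF0000; display : none;font-size:11px; float:right; width:60%; height:2em; line-height:2em;"></div>
-
  </td>
  </tr>
  </table>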
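--- a/admin/showmeta.php
+++ b/admin/showmeta.php
@@ -40,8 +40,8 @@ $class = '';
  if ( is_array($value) ) continue;
  $class = ( $class == 'class="alternate"' ) ? '' : 'class="alternate"';
  echo '<tr '.$class.'>
- <td style="width:230px">'.$meta->i8n_name($key).'</td>
- <td>'.$value.'</td>
+ <td style="width:230px">'. esc_html( $meta->i8n_name($key) ).'</td>
+ <td>' . esc_html( $value ) . '</td>
  </tr>';
  }
  ?>
@@ -65,8 +65,8 @@ $class = '';
  foreach ($exifdata as $key => $value){
  $class = ( $class == 'class="alternate"' ) ? '' : 'class="alternate"';
  echo '<tr '.$class.'>
- <td style="width:230px">'.$meta->i8n_name($key).'</td>
- <td>'.$value.'</td>
+ <td style="width:230px">' . esc_html ( $meta->i8n_name($key) ) . '</td>
+ <td>' . esc_html( $value ) .'</td>
  </tr>';
  }
  ?>
@@ -90,8 +90,8 @@ $class = '';
  foreach ($iptcdata as $key => $value){
  $class = ( $class == 'class="alternate"' ) ? '' : 'class="alternate"';
  echo '<tr '.$class.'>
- <td style="width:230px">'.$meta->i8n_name($key).'</td>
- <td>'.$value.'</td>
+ <td style="width:230px">' . esc_html( $meta->i8n_name($key) ) . '</td>
+ <td>' . esc_html( $value ) . '</td>
  </tr>';
  }
  ?>
@@ -114,8 +114,8 @@ $class = '';
  foreach ($xmpdata as $key => $value){
  $class = ( $class == 'class="alternate"' ) ? '' : 'class="alternate"';
  echo '<tr '.$class.'>
- <td style="width:230px">'.$meta->i8n_name($key).'</td>
- <td>'.$value.'</td>
+ <td style="width:230px">' . esc_html( $meta->i8n_name($key) ) . '</td>
+ <td>' . esc_html( $value ) . '</td>
  </tr>';
  }
  ?>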
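Review bot: Only the first loop (line 40) skips array values with `if ( is_array($value) ) continue;`; the EXIF, IPTC and XMP loops in the other three hunks pass `$value` straight to `esc_html()`, which expects a string. Whether those arrays can hold a nested array is not visible from these hunks, but if they can, the cell would print `Array` with a PHP notice instead of the metadata. Repeating the same guard as the first line of each of the three `foreach` bodies would make the four loops consistent.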
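--- a/changelog.txt
+++ b/changelog.txt
@@ -1,9 +1,12 @@
  NextGEN Gallery
  by Alex Rabe & NextGEN DEV Team
 
- = V2.0.0 - In the future =
- * TODO : Facebook connector
- * TODO : Rework album page for large amount of galleries
+ = V1.9.1 - 10.12.2011 =
+ * Bugfix : Security hardness for untrusted filenames/meta data (THX to Brian St. Pierre)
+ * Bugfix : Fixed security vulnerability (TXH to Jon Cave)
+ * Bugfix : Load piclens script via other function
+ * Bugfix : IE7 script fix for add gallery
+ * Bugfix : IE7/IE8 width set correctly for edit album autocomplete field
 
  = V1.9.0 - 27.11.2011 =
  * NEW : Keep images transparency for PNG and GIF format
@@ -13,7 +16,7 @@ by Alex Rabe & NextGEN DEV Team
  * NEW : Added new hook ngg_delete_picture
  * Changed : Updated to jQuery Cycle Version 2.9995
  * Changed : Always cache the single pictures, remove option
- * Bugfix : Couldn't use bulk operation for serach results
+ * Bugfix : Couldn't use bulk operation for search results
  * Bugfix : Bugfix for Edit thumbnails under IE 8 + 9
  * Bugfix : Allow empty altext in ngg.editImage
  * Bugfix : Various PHP notice fixes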
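--- a/lib/meta.php
+++ b/lib/meta.php
@@ -21,6 +21,8 @@ class nggMeta{
  var $exif_array = false; // EXIF data array
  var $iptc_array = false; // IPTC data array
  var $xmp_array = false; // XMP data array
+
+ var $sanitize = false; // sanitize meta data on request
 
  /**
  * nggMeta::nggMeta()
@@ -92,6 +94,10 @@ class nggMeta{
  if ( empty($value) )
  unset($meta[$key]);
  }
+
+ // on request sanitize the output
+ if ( $this->sanitize == true )
+ array_walk( $meta , create_function('&$value', '$value = esc_html($value);'));
 
  return $meta;
  }
@@ -174,7 +180,11 @@ class nggMeta{
  $value = isset($this->exif_array[$object]) ? $this->exif_array[$object] : false;
  return $value;
  }
-
+
+ // on request sanitize the output
+ if ( $this->sanitize == true )
+ array_walk( $this->exif_array , create_function('&$value', '$value = esc_html($value);'));
+
  return $this->exif_array;
 
  }
@@ -236,7 +246,7 @@ class nggMeta{
  // var_dump($this->iptc_data);
  $meta = array();
  foreach ($iptcTags as $key => $value) {
- if ($this->iptc_data[$key])
+ if (isset ( $this->iptc_data[$key] ) )
  $meta[$value] = trim(utf8_encode(implode(", ", $this->iptc_data[$key])));
 
  }
@@ -245,7 +255,11 @@ class nggMeta{
 
  // return one element if requested
  if ($object)
- return $this->iptc_array[$object];
+ return $this->iptc_array[$object];
+
+ // on request sanitize the output
+ if ( $this->sanitize == true )
+ array_walk( $this->iptc_array , create_function('&$value', '$value = esc_html($value);'));
 
  return $this->iptc_array;
  }
@@ -385,6 +399,10 @@ class nggMeta{
  if ($object != false )
  return isset($this->xmp_array[$object]) ? $this->xmp_array[$object] : false;
 
+ // on request sanitize the output
+ if ( $this->sanitize == true )
+ array_walk( $this->xmp_array , create_function('&$value', '$value = esc_html($value);'));
+
  return $this->xmp_array;
  }
 
@@ -550,6 +568,15 @@ class nggMeta{
 
  return $meta;
  }
+
+ /**
+ * If needed sanitize each value before output
+ *
+ * @return void
+ */
+ function sanitize () {
+ $this->sanitize = true;
+ }
 
  }
 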
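Review bot: The new escaping is skipped whenever a single field is requested: in the IPTC hunk `if ($object) return $this->iptc_array[$object];` returns before the added `array_walk(...)`, and the EXIF and XMP hunks show the same early `return` above the added block. A caller that has called `sanitize()` and then asks for one field therefore appears to receive the raw value; escaping on that path too, e.g. `return $this->sanitize ? esc_html( $this->iptc_array[$object] ) : $this->iptc_array[$object];`, would close the gap. The added blocks also rely on `create_function()`, which compiles a code string at run time; a method callback such as `array_walk( $meta, array( $this, 'escape_value' ) )` (method name is only a suggestion) does the same without it. The getter bodies start outside these hunks, so whether nested arrays can reach `esc_html()` here cannot be confirmed from the page.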
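--- a/lib/post-thumbnail.php
+++ b/lib/post-thumbnail.php
@@ -116,7 +116,7 @@ class nggPostThumbnail {
 
  // if we didn't use a cached image then we take the on-the-fly mode
  if ($img_src == false)
- $img_src = home_url() . '/' . 'index.php?callback=image&amp;pid=' . $image->pid . '&amp;width=' . $width . '&amp;height=' . $height . '&amp;mode=crop';
+ $img_src = trailingslashit( home_url() ) . 'index.php?callback=image&amp;pid=' . $image->pid . '&amp;width=' . $width . '&amp;height=' . $height . '&amp;mode=crop';
 
  } else {
  $img_src = $image->thumbURL;
@@ -194,7 +194,7 @@ class nggPostThumbnail {
 
  // if we didn't use a cached image then we take the on-the-fly mode
  if ( $img_src == false )
- $img_src = home_url() . '/' . 'index.php?callback=image&amp;pid=' . $image->pid . '&amp;width=' . $width . '&amp;height=' . $height . '&amp;mode=crop';
+ $img_src = trailingslashit( home_url() ) . 'index.php?callback=image&amp;pid=' . $image->pid . '&amp;width=' . $width . '&amp;height=' . $height . '&amp;mode=crop';
 
  $thumbnail_html = '<img width="266" src="'. $img_src . '" alt="'.$image->alttext.'" title="'.$image->alttext.'" />';
 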
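Review bot: The context line right after the second hunk's change (line 199) still places `$image->alttext` unescaped into two attributes: `alt="'.$image->alttext.'" title="'.$image->alttext.'"`. This is the same image field that this release wraps in `esc_attr()` in admin/publish.php, so a quote character in the alt text would break out of the attribute here as well. The line should read `$thumbnail_html = '<img width="266" src="'. $img_src . '" alt="'. esc_attr( $image->alttext ) .'" title="'. esc_attr( $image->alttext ) .'" />';`. The enclosing method starts and ends outside the hunk, so any escaping applied to `$thumbnail_html` later is not visible from here.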
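--- a/nggallery.php
+++ b/nggallery.php
@@ -4,7 +4,7 @@ Plugin Name: NextGEN Gallery
  Plugin URI: http://alexrabe.de/?page_id=80
  Description: A NextGENeration Photo Gallery for WordPress
  Author: Alex Rabe
- Version: 1.9.0
+ Version: 1.9.1
 
  Author URI: http://alexrabe.de/
 
@@ -34,7 +34,7 @@ if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('You
  if (!class_exists('nggLoader')) {
  class nggLoader {
 
- var $version = '1.9.0';
+ var $version = '1.9.1';
  var $dbversion = '1.8.0';
  var $minium_WP = '3.1';
  var $donators = 'http://nextgen.boelinger.com/donators.php';
@@ -119,10 +119,6 @@ class nggLoader {
  if ( $this->options['useMediaRSS'] )
  add_action('wp_head', array('nggMediaRss', 'add_mrss_alternate_link'));
 
- // If activated, add PicLens/Cooliris javascript to footer
- if ( $this->options['usePicLens'] )
- add_action('wp_head', array('nggMediaRss', 'add_piclens_javascript'));
-
  // Look for XML request, before page is render
  add_action('parse_request', array(&$this, 'check_request') );
 
@@ -375,11 +371,15 @@ class nggLoader {
  if ( ($this->options['thumbEffect'] == "shutter") || function_exists('srel_makeshutter') ) {
  wp_enqueue_script ( 'ngg_script', NGGALLERY_URLPATH . 'js/ngg.js', array('jquery'), '2.1');
  wp_localize_script( 'ngg_script', 'ngg_ajax', array('path' => NGGALLERY_URLPATH,
- 'callback' => home_url() . '/' . 'index.php?callback=ngg-ajax',
+ 'callback' => trailingslashit( home_url() ) . 'index.php?callback=ngg-ajax',
  'loading' => __('loading', 'nggallery'),
  ) );
  }
  }
+
+ // If activated, add PicLens/Cooliris javascript to footer
+ if ( $this->options['usePicLens'] )
+ nggMediaRss::add_piclens_javascript();
 
  }
 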
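--- a/nggfunctions.php
+++ b/nggfunctions.php
@@ -726,6 +726,7 @@ function nggCreateImageBrowser($picturelist, $template = '') {
 
  // let's get the meta data
  $meta = new nggMeta($act_pid);
+ $meta->sanitize();
  $exif = $meta->get_EXIF();
  $iptc = $meta->get_IPTC();
  $xmp = $meta->get_XMP();
@@ -802,7 +803,7 @@ function nggSinglePicture($imageID, $width = 250, $height = 250, $mode = '', $fl
 
  // if we didn't use a cached image then we take the on-the-fly mode
  if (!$picture->thumbnailURL)
- $picture->thumbnailURL = home_url() . '/' . 'index.php?callback=image&amp;pid=' . $imageID . '&amp;width=' . $width . '&amp;height=' . $height . '&amp;mode=' . $mode;
+ $picture->thumbnailURL = trailingslashit( home_url() ) . 'index.php?callback=image&amp;pid=' . $imageID . '&amp;width=' . $width . '&amp;height=' . $height . '&amp;mode=' . $mode;
 
  // add more variables for render output
  $picture->imageURL = ( empty($link) ) ? $picture->imageURL : $link;
@@ -821,6 +822,7 @@ function nggSinglePicture($imageID, $width = 250, $height = 250, $mode = '', $fl
 
  // let's get the meta data
  $meta = new nggMeta($imageID);
+ $meta->sanitize();
  $exif = $meta->get_EXIF();
  $iptc = $meta->get_IPTC();
  $xmp = $meta->get_XMP();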
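Review bot: The added `$meta->sanitize();` calls in the first and third hunk carry no comment, yet their position matters. Per lib/meta.php in this release the getters test the flag when they run, so the call has to stay above `get_EXIF()`, `get_IPTC()` and `get_XMP()`. A one-line comment would keep a later reorder from silently handing unescaped metadata to the template, for example `// must come before the get_* calls: they escape values only when the flag is already set`. Both functions continue outside the hunks shown.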
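--- a/readme.txt
+++ b/readme.txt
@@ -130,6 +130,13 @@ To show the most recent added mages : **[recent max=x ]**
 
  == Changelog ==
 
+ = V1.9.1 - 10.12.2011 =
+ * Bugfix : Security hardness for untrusted filenames/meta data (THX to Brian St. Pierre)
+ * Bugfix : Fixed security vulnerability (TXH to Jon Cave)
+ * Bugfix : Load piclens script via other function
+ * Bugfix : IE7 script fix for add gallery
+ * Bugfix : IE7/IE8 width set correctly for edit album autocomplete field
+
  = V1.9.0 - 27.11.2011 =
  * NEW : Keep images transparency for PNG and GIF format
  * NEW : Switch to Plupload, support now HTML5 Upload (only with WordPress 3.3)
@@ -138,7 +145,7 @@ To show the most recent added mages : **[recent max=x ]**
  * NEW : Added new hook ngg_delete_picture
  * Changed : Updated to jQuery Cycle Version 2.9995
  * Changed : Always cache the single pictures, remove option
- * Bugfix : Couldn't use bulk operation for serach results
+ * Bugfix : Couldn't use bulk operation for search results
  * Bugfix : Bugfix for Edit thumbnails under IE 8 + 9
  * Bugfix : Allow empty altext in ngg.editImage
  * Bugfix : Various PHP notice fixes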
widgets/widgets.php CHANGED
@@ -67,7 +67,7 @@ class nggSlideshowWidget extends WP_Widget {
67
  $swfobject->add_attributes('styleclass', 'slideshow-widget');
68
 
69
  // adding the flash parameter
70
- $swfobject->add_flashvars( 'file', urlencode( home_url() . '/' . 'index.php?callback=imagerotator&gid=' . $galleryID ) );
71
  $swfobject->add_flashvars( 'shownavigation', 'false', 'true', 'bool');
72
  $swfobject->add_flashvars( 'shuffle', $ngg_options['irShuffle'], 'true', 'bool');
73
  $swfobject->add_flashvars( 'showicons', $ngg_options['irShowicons'], 'true', 'bool');
@@ -325,7 +325,7 @@ class nggWidget extends WP_Widget {
325
  $instance['show'] = ( $instance['show'] == 'orginal' ) ? 'original' : $instance['show'];
326
 
327
  if ( $instance['show'] == 'original' )
328
- $out .= '<img src="' . home_url() . '/' . 'index.php?callback=image&amp;pid='.$image->pid.'&amp;width='.$instance['width'].'&amp;height='.$instance['height']. '" title="'.$alttext.'" alt="'.$alttext.'" />';
329
  else
330
  $out .= '<img src="'.$image->thumbURL.'" width="'.$instance['width'].'" height="'.$instance['height'].'" title="'.$alttext.'" alt="'.$alttext.'" />';
331
 
67
  $swfobject->add_attributes('styleclass', 'slideshow-widget');
68
 
69
  // adding the flash parameter
70
+ $swfobject->add_flashvars( 'file', urlencode( trailingslashit( home_url() ) . 'index.php?callback=imagerotator&gid=' . $galleryID ) );
71
  $swfobject->add_flashvars( 'shownavigation', 'false', 'true', 'bool');
72
  $swfobject->add_flashvars( 'shuffle', $ngg_options['irShuffle'], 'true', 'bool');
73
  $swfobject->add_flashvars( 'showicons', $ngg_options['irShowicons'], 'true', 'bool');
325
  $instance['show'] = ( $instance['show'] == 'orginal' ) ? 'original' : $instance['show'];
326
 
327
  if ( $instance['show'] == 'original' )
328
+ $out .= '<img src="' . trailingslashit( home_url() ) . 'index.php?callback=image&amp;pid='.$image->pid.'&amp;width='.$instance['width'].'&amp;height='.$instance['height']. '" title="'.$alttext.'" alt="'.$alttext.'" />';
329
  else
330
  $out .= '<img src="'.$image->thumbURL.'" width="'.$instance['width'].'" height="'.$instance['height'].'" title="'.$alttext.'" alt="'.$alttext.'" />';
331