Photo Gallery by WD – Responsive Photo Gallery - Version 1.3.43

Version Description

  • Fixed: Security issue in filemanager.
  • Fixed: Image title/description direction in Slideshow view after image change.
  • Fixed: Instagram video thumbnail.
  • Fixed: Tags order by name in tags search list.

Release Info

Developer webdorado
Plugin Icon 128x128 Photo Gallery by WD – Responsive Photo Gallery
Version 1.3.43

Code changes from version 1.3.42 to 1.3.43

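--- a/filemanager/controller.php
+++ b/filemanager/controller.php
@@ -11,7 +11,6 @@ class FilemanagerController {
  public $uploads_url;
 
  public function __construct() {
- $upload_dir = wp_upload_dir();
  global $wd_bwg_options;
  $this->uploads_dir = (($wd_bwg_options->images_directory . '/photo-gallery') ? ABSPATH . $wd_bwg_options->images_directory . '/photo-gallery' : WD_BWG_DIR . '/filemanager/uploads');
  if (file_exists($this->uploads_dir) == FALSE) {
@@ -46,22 +45,43 @@ class FilemanagerController {
  $view->display();
  }
 
+ private function esc_dir($dir) {
+ $dir = str_replace('../', '', $dir);
+
+ return $dir;
+ }
+
  public function make_dir() {
  $input_dir = (isset($_REQUEST['dir']) ? str_replace('\\', '', esc_html($_REQUEST['dir'])) : '');
  $input_dir = htmlspecialchars_decode($input_dir, ENT_COMPAT | ENT_QUOTES);
+ $input_dir = $this->esc_dir($input_dir);
+
  $cur_dir_path = $input_dir == '' ? $this->uploads_dir : $this->uploads_dir . '/' . $input_dir;
 
  $new_dir_path = $cur_dir_path . '/' . (isset($_REQUEST['new_dir_name']) ? stripslashes(esc_html(sanitize_file_name($_REQUEST['new_dir_name']))) : '');
  $new_dir_path = htmlspecialchars_decode($new_dir_path, ENT_COMPAT | ENT_QUOTES);
- $msg = '';
+ $new_dir_path = $this->esc_dir($new_dir_path);
+
  if (file_exists($new_dir_path) == true) {
- $msg = "Directory already exists.";
+ $msg = __("Directory already exists.", 'bwg');
  }
  else {
+ $msg = '';
  mkdir($new_dir_path);
  }
+ $args = array(
+ 'action' => 'addImages',
+ 'filemanager_msg' => $msg,
+ 'width' => '650',
+ 'height' => '500',
+ 'task' => 'display',
+ 'extensions' => esc_html($_REQUEST['extensions']),
+ 'callback' => esc_html($_REQUEST['callback']),
+ 'dir' => $input_dir,
+ 'TB_iframe' => '1',
+ );
  $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'addImages', 'bwg_nonce' );
- $query_url = add_query_arg(array('action' => 'addImages', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'display', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'dir' => $input_dir, 'TB_iframe' => '1'), $query_url);
+ $query_url = add_query_arg($args, $query_url);
  header('Location: ' . $query_url);
  exit;
  }
@@ -69,6 +89,8 @@ class FilemanagerController {
  public function rename_item() {
  $input_dir = (isset($_REQUEST['dir']) ? str_replace('\\', '', esc_html($_REQUEST['dir'])) : '');
  $input_dir = htmlspecialchars_decode($input_dir, ENT_COMPAT | ENT_QUOTES);
+ $input_dir = $this->esc_dir($input_dir);
+
  $cur_dir_path = $input_dir == '' ? $this->uploads_dir : $this->uploads_dir . '/' . $input_dir;
 
  $file_names = explode('**#**', (isset($_REQUEST['file_names']) ? stripslashes(esc_html($_REQUEST['file_names'])) : ''));
@@ -78,6 +100,7 @@ class FilemanagerController {
 
  $file_new_name = (isset($_REQUEST['file_new_name']) ? stripslashes(esc_html($_REQUEST['file_new_name'])) : '');
  $file_new_name = htmlspecialchars_decode($file_new_name, ENT_COMPAT | ENT_QUOTES);
+ $file_new_name = $this->esc_dir($file_new_name);
 
  $file_path = $cur_dir_path . '/' . $file_name;
  $thumb_file_path = $cur_dir_path . '/thumb/' . $file_name;
@@ -86,27 +109,38 @@ class FilemanagerController {
  $msg = '';
 
  if (file_exists($file_path) == false) {
- $msg = "File doesn't exist.";
+ $msg = __("File doesn't exist.", 'bwg');
  }
  elseif (is_dir($file_path) == true) {
  if (rename($file_path, $cur_dir_path . '/' . sanitize_file_name($file_new_name)) == false) {
- $msg = "Can't rename the file.";
+ $msg = __("Can't rename the file.", 'bwg');
  }
  }
  elseif ((strrpos($file_name, '.') !== false)) {
  $file_extension = substr($file_name, strrpos($file_name, '.') + 1);
  if (rename($file_path, $cur_dir_path . '/' . $file_new_name . '.' . $file_extension) == false) {
- $msg = "Can't rename the file.";
+ $msg = __("Can't rename the file.", 'bwg');
  }
  rename($thumb_file_path, $cur_dir_path . '/thumb/' . $file_new_name . '.' . $file_extension);
  rename($original_file_path, $cur_dir_path . '/.original/' . $file_new_name . '.' . $file_extension);
  }
  else {
- $msg = "Can't rename the file.";
+ $msg = __("Can't rename the file.", 'bwg');
  }
  $_REQUEST['file_names'] = '';
+ $args = array(
+ 'action' => 'addImages',
+ 'filemanager_msg' => $msg,
+ 'width' => '650',
+ 'height' => '500',
+ 'task' => 'display',
+ 'extensions' => esc_html($_REQUEST['extensions']),
+ 'callback' => esc_html($_REQUEST['callback']),
+ 'dir' => $input_dir,
+ 'TB_iframe' => '1',
+ );
  $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'addImages', 'bwg_nonce' );
- $query_url = add_query_arg(array('action' => 'addImages', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'display', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'dir' => $input_dir, 'TB_iframe' => '1'), $query_url);
+ $query_url = add_query_arg($args, $query_url);
  header('Location: ' . $query_url);
  exit;
  }
@@ -114,6 +148,8 @@ class FilemanagerController {
  public function remove_items() {
  $input_dir = (isset($_REQUEST['dir']) ? str_replace('\\', '', ($_REQUEST['dir'])) : '');
  $input_dir = htmlspecialchars_decode($input_dir, ENT_COMPAT | ENT_QUOTES);
+ $input_dir = $this->esc_dir($input_dir);
+
  $cur_dir_path = $input_dir == '' ? $this->uploads_dir : $this->uploads_dir . '/' . $input_dir;
 
  $file_names = explode('**#**', (isset($_REQUEST['file_names']) ? stripslashes(esc_html($_REQUEST['file_names'])) : ''));
@@ -126,7 +162,7 @@ class FilemanagerController {
  $thumb_file_path = $cur_dir_path . '/thumb/' . $file_name;
  $original_file_path = $cur_dir_path . '/.original/' . $file_name;
  if (file_exists($file_path) == false) {
- $msg = "Some of the files couldn't be removed.";
+ $msg = __("Some of the files couldn't be removed.", 'bwg');
  }
  else {
  $this->remove_file_dir($file_path);
@@ -139,8 +175,19 @@ class FilemanagerController {
  }
  }
  $_REQUEST['file_names'] = '';
+ $args = array(
+ 'action' => 'addImages',
+ 'filemanager_msg' => $msg,
+ 'width' => '650',
+ 'height' => '500',
+ 'task' => 'show_file_manager',
+ 'extensions' => esc_html($_REQUEST['extensions']),
+ 'callback' => esc_html($_REQUEST['callback']),
+ 'dir' => $input_dir,
+ 'TB_iframe' => '1',
+ );
  $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'addImages', 'bwg_nonce' );
- $query_url = add_query_arg(array('action' => 'addImages', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'show_file_manager', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'dir' => $input_dir, 'TB_iframe' => '1'), $query_url);
+ $query_url = add_query_arg($args, $query_url);
  header('Location: ' . $query_url);
  exit;
  }
@@ -148,15 +195,20 @@ class FilemanagerController {
  public function paste_items() {
  $input_dir = (isset($_REQUEST['dir']) ? str_replace('\\', '', ($_REQUEST['dir'])) : '');
  $input_dir = htmlspecialchars_decode($input_dir, ENT_COMPAT | ENT_QUOTES);
+ $input_dir = $this->esc_dir($input_dir);
+
  $msg = '';
 
  $file_names = explode('**#**', (isset($_REQUEST['clipboard_files']) ? stripslashes($_REQUEST['clipboard_files']) : ''));
  $src_dir = (isset($_REQUEST['clipboard_src']) ? stripslashes($_REQUEST['clipboard_src']) : '');
  $src_dir = $src_dir == '' ? $this->uploads_dir : $this->uploads_dir . '/' . $src_dir;
  $src_dir = htmlspecialchars_decode($src_dir, ENT_COMPAT | ENT_QUOTES);
+ $src_dir = $this->esc_dir($src_dir);
+
  $dest_dir = (isset($_REQUEST['clipboard_dest']) ? stripslashes($_REQUEST['clipboard_dest']) : '');
  $dest_dir = $dest_dir == '' ? $this->uploads_dir : $this->uploads_dir . '/' . $dest_dir;
  $dest_dir = htmlspecialchars_decode($dest_dir, ENT_COMPAT | ENT_QUOTES);
+ $dest_dir = $this->esc_dir($dest_dir);
 
  switch ((isset($_REQUEST['clipboard_task']) ? stripslashes($_REQUEST['clipboard_task']) : '')) {
  case 'copy':
@@ -195,7 +247,7 @@ class FilemanagerController {
  }
 
  if (!$this->copy_file_dir($src, $dest)) {
- $msg = "Failed to copy some of the files.";
+ $msg = __("Failed to copy some of the files.", 'bwg');
  }
  if (!is_dir($src_dir . '/' . $file_name)) {
  $this->copy_file_dir($thumb_src, $thumb_dest);
@@ -223,7 +275,7 @@ class FilemanagerController {
  }
  }
  if ((file_exists($src) == false) || (file_exists($dest) == true) || (!rename($src, $dest))) {
- $msg = "Failed to move some of the files.";
+ $msg = __("Failed to move some of the files.", 'bwg');
  }
  if (!is_dir($src_dir . '/' . $file_name)) {
  rename($thumb_src, $thumb_dest);
@@ -233,20 +285,46 @@ class FilemanagerController {
  }
  break;
  }
+
+ $args = array(
+ 'action' => 'addImages',
+ 'filemanager_msg' => $msg,
+ 'width' => '650',
+ 'height' => '500',
+ 'task' => 'show_file_manager',
+ 'extensions' => esc_html($_REQUEST['extensions']),
+ 'callback' => esc_html($_REQUEST['callback']),
+ 'dir' => $input_dir,
+ 'TB_iframe' => '1',
+ );
  $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'addImages', 'bwg_nonce' );
- $query_url = add_query_arg(array('action' => 'addImages', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'show_file_manager', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'dir' => $input_dir, 'TB_iframe' => '1'), $query_url);
+ $query_url = add_query_arg($args, $query_url);
  header('Location: ' . $query_url);
  exit;
  }
 
  public function import_items() {
+ $args = array(
+ 'action' => 'bwg_UploadHandler',
+ 'importer_thumb_width' => esc_html($_REQUEST['importer_thumb_width']),
+ 'importer_thumb_height' => esc_html($_REQUEST['importer_thumb_height']),
+ 'callback' => esc_html($_REQUEST['callback']),
+ 'file_namesML' => esc_html($_REQUEST['file_namesML']),
+ 'importer_img_width' => esc_html($_REQUEST['importer_img_width']),
+ 'importer_img_height' => esc_html($_REQUEST['importer_img_height']),
+ 'import' => 'true',
+ 'redir' => esc_html($_REQUEST['dir']),
+ 'dir' => esc_html($_REQUEST['dir']) . '/',
+ );
  $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'bwg_UploadHandler', 'bwg_nonce' );
- $query_url = add_query_arg(array('action' => 'bwg_UploadHandler', 'importer_thumb_width' => esc_html($_REQUEST['importer_thumb_width']), 'importer_thumb_height' => esc_html($_REQUEST['importer_thumb_height']), 'callback' => esc_html($_REQUEST['callback']), 'file_namesML' => esc_html($_REQUEST['file_namesML']), 'importer_img_width' => esc_html($_REQUEST['importer_img_width']), 'importer_img_height' => esc_html($_REQUEST['importer_img_height']), 'import' => 'true', 'redir' => esc_html($_REQUEST['dir']), 'dir' => esc_html($_REQUEST['dir']) . '/'), $query_url);
+ $query_url = add_query_arg($args, $query_url);
  header('Location: ' . $query_url);
  exit;
  }
 
  private function remove_file_dir($del_file_dir) {
+ $del_file_dir = $this->esc_dir($del_file_dir);
+
  if (is_dir($del_file_dir) == true) {
  $files_to_remove = scandir($del_file_dir);
  foreach ($files_to_remove as $file) {
@@ -262,6 +340,9 @@ class FilemanagerController {
  }
 
  private function copy_file_dir($src, $dest) {
+ $src = $this->esc_dir($src);
+ $dest = $this->esc_dir($dest);
+
  if (is_dir($src) == true) {
  $dir = opendir($src);
  @mkdir($dest);
@@ -282,4 +363,4 @@ class FilemanagerController {
  return copy($src, $dest);
  }
  }
- }
+ }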
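Review bot: The new `esc_dir()` strips `../` with a single `str_replace` pass, which filters the string but does not prove that the resulting path stays inside `$this->uploads_dir`; overlapping sequences can collapse back into a parent-directory segment after one pass, and the helper is also applied to paths that already carry the `uploads_dir` prefix. The same single-pass replace is repeated inline in filemanager/model.php. Reject instead of rewriting: canonicalise the final path and compare it with the canonical upload root before any `mkdir`, `rename`, `copy` or removal, e.g. `$real = realpath($cur_dir_path);` then `if ($real === false || strpos($real . '/', realpath($this->uploads_dir) . '/') !== 0) { wp_die(); }`, using the parent directory for paths that do not exist yet. In `rename_item()`, `remove_items()` and `paste_items()` the entries split from `file_names` / `clipboard_files` are joined onto the directory, and the lines that derive `$file_name` are outside the hunks, so confirm each entry is reduced to a base name there.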
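--- a/filemanager/model.php
+++ b/filemanager/model.php
@@ -30,6 +30,7 @@ class FilemanagerModel {
  $data['session_data'] = $session_data;
  $data['path_components'] = $this->get_path_components();
  $data['dir'] = $this->controller->get_uploads_dir() . (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) : '');
+ $data['dir'] = str_replace('../', '', $data['dir']);
  $get_files_data = $this->get_files($session_data['sort_by'], $session_data['sort_order']);
  $data['files'] = $get_files_data['files'];
  $data['files_count'] = $get_files_data['files_count'];
@@ -51,7 +52,7 @@ class FilemanagerModel {
  }
 
  public function get_path_components() {
- $dir_names = explode('/', (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) : ''));
+ $dir_names = explode('/', (isset($_REQUEST['dir']) ? str_replace('../', '', esc_html($_REQUEST['dir'])) : ''));
  $path = '';
 
  $components = array();
@@ -78,8 +79,9 @@ class FilemanagerModel {
  $icons_dir_path = WD_BWG_DIR . '/filemanager/images/file_icons';
  $icons_dir_url = WD_BWG_URL . '/filemanager/images/file_icons';
  $valid_types = explode(',', isset($_REQUEST['extensions']) ? strtolower(esc_html($_REQUEST['extensions'])) : '*');
- $dir = (isset($_REQUEST['dir']) ? '/' . htmlspecialchars_decode(stripslashes(esc_html($_REQUEST['dir'])), ENT_COMPAT | ENT_QUOTES) : '');
+ $dir = (isset($_REQUEST['dir']) ? '/' . htmlspecialchars_decode(stripslashes(esc_html(str_replace('../', '', $_REQUEST['dir']))), ENT_COMPAT | ENT_QUOTES) : '');
  $parent_dir = $this->controller->get_uploads_dir() . $dir;
+ $parent_dir = str_replace('../', '', $parent_dir);
  $parent_dir_url = $this->controller->get_uploads_url() . $dir;
 
  $file_names = $this->get_sorted_file_names($parent_dir, $sort_by, $sort_order);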
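Review bot: In the third hunk (apparently inside `get_files()`; the function starts and ends outside the hunk) the added `str_replace('../', '', $_REQUEST['dir'])` runs before `stripslashes()` and `htmlspecialchars_decode()`, so the string that is filtered is not the string that is finally used. The follow-up replace on `$parent_dir` re-filters the filesystem path, but `$parent_dir_url` is still built from the earlier `$dir`. Decode first and validate once on the final value, and call one shared helper rather than three inline copies so that model and controller cannot drift apart. A containment check such as comparing `realpath($parent_dir)` with `realpath($this->controller->get_uploads_dir())` before `get_sorted_file_names()` is called would state the intent directly and fail closed.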
filemanager/view.php CHANGED
@@ -6,388 +6,361 @@
6
  */
7
 
8
  class FilemanagerView {
9
- ////////////////////////////////////////////////////////////////////////////////////////
10
- // Events //
11
- ////////////////////////////////////////////////////////////////////////////////////////
12
- ////////////////////////////////////////////////////////////////////////////////////////
13
- // Constants //
14
- ////////////////////////////////////////////////////////////////////////////////////////
15
- ////////////////////////////////////////////////////////////////////////////////////////
16
- // Variables //
17
- ////////////////////////////////////////////////////////////////////////////////////////
18
- private $controller;
19
- private $model;
20
 
21
- ////////////////////////////////////////////////////////////////////////////////////////
22
- // Constructor & Destructor //
23
- ////////////////////////////////////////////////////////////////////////////////////////
24
- public function __construct($controller, $model) {
25
- $this->controller = $controller;
26
- $this->model = $model;
27
- }
28
 
29
- ////////////////////////////////////////////////////////////////////////////////////////
30
- // Public Methods //
31
- ////////////////////////////////////////////////////////////////////////////////////////
32
- public function display() {
33
- if (isset($_GET['filemanager_msg']) && esc_html($_GET['filemanager_msg']) != '') {
34
- ?>
35
- <div id="file_manager_message" style="height:40px;">
36
- <div style="background-color: #FFEBE8; border: 1px solid #CC0000; margin: 5px 15px 2px; padding: 5px 10px;">
37
- <strong style="font-size:14px"><?php echo esc_html(stripslashes($_GET['filemanager_msg'])); ?></strong>
38
- </div>
39
- </div>
40
- <?php
41
- $_GET['filemanager_msg'] = '';
42
- }
43
- global $wd_bwg_options;
44
- $file_manager_data = $this->model->get_file_manager_data();
45
- $items_view = $file_manager_data['session_data']['items_view'];
46
- $sort_by = $file_manager_data['session_data']['sort_by'];
47
- $sort_order = $file_manager_data['session_data']['sort_order'];
48
- $clipboard_task = $file_manager_data['session_data']['clipboard_task'];
49
- $clipboard_files = $file_manager_data['session_data']['clipboard_files'];
50
- $clipboard_src = $file_manager_data['session_data']['clipboard_src'];
51
- $clipboard_dest = $file_manager_data['session_data']['clipboard_dest'];
52
- $icons_dir_url = WD_BWG_URL . '/filemanager/images/file_icons';
53
- $sort_icon = $icons_dir_url . '/' . $sort_order;
54
- wp_print_scripts('jquery');
55
- wp_print_scripts('jquery-ui-widget');
56
- wp_print_scripts('wp-pointer');
57
- wp_print_styles('admin-bar');
58
- wp_print_styles('dashicons');
59
- wp_print_styles('wp-admin');
60
- wp_print_styles('buttons');
61
- wp_print_styles('wp-auth-check');
62
- wp_print_styles('wp-pointer');
63
  ?>
64
- <script src="<?php echo WD_BWG_URL; ?>/filemanager/js/jq_uploader/jquery.iframe-transport.js"></script>
65
- <script src="<?php echo WD_BWG_URL; ?>/filemanager/js/jq_uploader/jquery.fileupload.js"></script>
66
- <script>
67
- var ajaxurl = "<?php echo wp_nonce_url( admin_url('admin-ajax.php'), 'addImages', 'bwg_nonce' ); ?>";
68
- var DS = "<?php echo addslashes('/'); ?>";
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
69
 
70
- var errorLoadingFile = "<?php echo __('File loading failed', 'bwg_back'); ?>";
71
 
72
- var warningRemoveItems = "<?php echo __('Are you sure you want to permanently remove selected items?', 'bwg_back'); ?>";
73
- var warningCancelUploads = "<?php echo __('This will cancel uploads. Continue?', 'bwg_back'); ?>";
74
 
75
- var messageEnterDirName = "<?php echo __('Enter directory name', 'bwg_back'); ?>";
76
- var messageEnterNewName = "<?php echo __('Enter new name', 'bwg_back'); ?>";
77
- var messageFilesUploadComplete = "<?php echo __('Processing uploaded files...', 'bwg_back'); ?>";
78
 
79
- var root = "<?php echo addslashes($this->controller->get_uploads_dir()); ?>";
80
- var dir = "<?php echo (isset($_REQUEST['dir']) ? trim(esc_html($_REQUEST['dir'])) : ''); ?>";
81
- var dirUrl = "<?php echo $this->controller->get_uploads_url() . (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) . '/' : ''); ?>";
82
- var callback = "<?php echo (isset($_REQUEST['callback']) ? esc_html($_REQUEST['callback']) : ''); ?>";
83
- var sortBy = "<?php echo $sort_by; ?>";
84
- var sortOrder = "<?php echo $sort_order; ?>";
85
- var wdb_all_files = <?php echo isset($file_manager_data["all_files"]) && json_encode($file_manager_data["all_files"]) ? json_encode($file_manager_data["all_files"]) : "''"; ?>;
86
- var element_load_count = <?php echo isset($file_manager_data["element_load_count"]) && json_encode($file_manager_data["element_load_count"]) ? json_encode($file_manager_data["element_load_count"]) : "''"; ?>;
87
- </script>
88
- <script src="<?php echo WD_BWG_URL; ?>/filemanager/js/default.js?ver=<?php echo wd_bwg_version(); ?>"></script>
89
- <link href="<?php echo WD_BWG_URL; ?>/filemanager/css/default.css?ver=<?php echo wd_bwg_version(); ?>" type="text/css" rel="stylesheet">
90
- <?php
91
- switch ($items_view) {
92
- case 'list':
93
- ?>
94
- <link href="<?php echo WD_BWG_URL; ?>/filemanager/css/default_view_list.css?ver=<?php echo wd_bwg_version(); ?>" type="text/css" rel="stylesheet">
95
- <?php
96
- break;
97
- case 'thumbs':
98
- ?>
99
- <link href="<?php echo WD_BWG_URL; ?>/filemanager/css/default_view_thumbs.css?ver=<?php echo wd_bwg_version(); ?>" type="text/css" rel="stylesheet">
100
- <?php
101
- break;
102
- }
103
- $i = 0;
104
- ?>
105
- <form id="adminForm" name="adminForm" action="" method="post">
106
- <?php wp_nonce_field( '', 'bwg_nonce' ); ?>
107
- <div id="wrapper">
108
- <div id="opacity_div" style="background-color: rgba(0, 0, 0, 0.2); position: fixed; top: 0; left: 0; width: 100%; height: 100%; z-index: 99998;"></div>
109
- <div id="loading_div" style="text-align: center; position: fixed; top: 0; left: 0; width: 100%; height: 100%; z-index: 99999;">
110
- <img src="<?php echo WD_BWG_URL . '/images/ajax_loader.gif'; ?>" class="bwg_spider_ajax_loading" style="margin-top: 200px; width:30px;">
111
- </div>
112
- <div id="file_manager">
113
- <div class="ctrls_bar ctrls_bar_header">
114
- <div class="ctrls_left">
115
- <a class="ctrl_bar_btn btn_up" onclick="onBtnUpClick(event, this);" title="<?php echo __('Up', 'bwg_back'); ?>"></a>
116
- <a class="ctrl_bar_btn btn_make_dir" onclick="onBtnMakeDirClick(event, this);" title="<?php echo __('Make a directory', 'bwg_back'); ?>"></a>
117
- <a class="ctrl_bar_btn btn_rename_item" onclick="onBtnRenameItemClick(event, this);" title="<?php echo __('Rename item', 'bwg_back'); ?>"></a>
118
- <span class="ctrl_bar_divider"></span>
119
- <a class="ctrl_bar_btn btn_copy" onclick="onBtnCopyClick(event, this);" title="<?php echo __('Copy', 'bwg_back'); ?>"></a>
120
- <a class="ctrl_bar_btn btn_cut" onclick="onBtnCutClick(event, this);" title="<?php echo __('Cut', 'bwg_back'); ?>"></a>
121
- <a class="ctrl_bar_btn btn_paste" onclick="onBtnPasteClick(event, this);" title="<?php echo __('Paste', 'bwg_back'); ?>"> </a>
122
- <a class="ctrl_bar_btn btn_remove_items" onclick="onBtnRemoveItemsClick(event, this);" title="<?php echo __('Remove items', 'bwg_back'); ?>"></a>
123
- <span class="ctrl_bar_divider"></span>
124
- <span class="ctrl_bar_btn">
125
- <a id="upload_images" class="ctrl_bar_btn wd-btn wd-btn-primary wd-btn-icon wd-btn-uplaod" onclick="onBtnShowUploaderClick(event, this);"><?php echo __('Upload files', 'bwg_back'); ?></a>
126
- </span>
127
- <span class="ctrl_bar_divider"></span>
128
- <span id="search_by_name" class="ctrl_bar_btn">
129
- <input type="search" placeholder="Search" class="ctrl_bar_btn search_by_name">
130
- </span>
131
- </div>
132
- <div class="ctrls_right">
133
- <a class="ctrl_bar_btn btn_view_thumbs" onclick="onBtnViewThumbsClick(event, this);" title="<?php echo __('View thumbs', 'bwg_back'); ?>"></a>
134
- <a class="ctrl_bar_btn btn_view_list" onclick="onBtnViewListClick(event, this);" title="<?php echo __('View list', 'bwg_back'); ?>"></a>
135
- </div>
136
  </div>
137
- <div id="path">
138
- <?php
139
- foreach ($file_manager_data['path_components'] as $key => $path_component) {
140
- ?>
141
- <a <?php echo ($key == 0) ? 'title="'. __("To change upload directory go to Options page.", 'bwg_back').'"' : ''; ?> class="path_component path_dir"
142
- onclick="onPathComponentClick(event, this, <?php echo $key; ?>);">
143
- <?php echo str_replace('\\', '', $path_component['name']); ?></a>
144
- <a class="path_component path_separator"><?php echo '/'; ?></a>
145
- <?php
146
- }
147
- ?>
148
  </div>
149
- <div id="explorer">
150
- <div id="explorer_header_wrapper">
151
- <div id="explorer_header_container">
152
- <div id="explorer_header">
153
- <span class="item_numbering"><?php echo $items_view == 'thumbs' ? __('Order by:', 'bwg') : '#'; ?></span>
154
- <span class="item_icon"></span>
155
- <span class="item_name" title="<?php _e('Click to sort by name', 'bwg'); ?>">
156
- <span class="clickable" onclick="onNameHeaderClick(event, this);">
157
- <?php
158
- echo 'Name';
159
- if ($sort_by == 'name') {
160
- ?>
161
- <span class="sort_order_<?php echo $sort_order; ?>"></span>
162
- <?php
163
- }
164
- ?>
165
- </span>
166
- </span>
167
- <span class="item_size" title="<?php _e('Click to sort by size', 'bwg'); ?>">
168
- <span class="clickable" onclick="onSizeHeaderClick(event, this);">
 
169
  <?php
170
- echo 'Size';
171
- if ($sort_by == 'size') {
172
  ?>
173
  <span class="sort_order_<?php echo $sort_order; ?>"></span>
174
  <?php
175
  }
176
  ?>
177
- </span>
178
  </span>
179
- <span class="item_date_modified" title="<?php _e('Click to sort by date modified', 'bwg'); ?>">
180
- <span class="clickable" onclick="onDateModifiedHeaderClick(event, this);">
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
181
  <?php
182
- echo 'Date modified';
183
- if ($sort_by == 'date_modified') {
184
  ?>
185
- <span class="sort_order_<?php echo $sort_order; ?>"></span>
 
186
  <?php
187
  }
188
  ?>
 
 
 
 
189
  </span>
190
- </span>
191
- <span class="scrollbar_filler"></span>
192
- </div>
193
- </div>
194
- </div>
195
- <div id="explorer_body_wrapper">
196
- <div id="explorer_body_container">
197
- <div id="explorer_body" data-files_count="<?php echo $file_manager_data["files_count"]; ?>">
 
 
 
 
 
198
  <?php
199
- foreach ($file_manager_data['files'] as $key => $file) {
200
- $file['name'] = esc_html($file['name']);
201
- $file['filename'] = esc_html($file['filename']);
202
- $file['thumb'] = esc_html($file['thumb']);
203
- ?>
204
- <div class="explorer_item" draggable="true"
205
- name="<?php echo $file['name']; ?>"
206
- filename="<?php echo $file['filename']; ?>"
207
- alt="<?php echo $file['alt']; ?>"
208
- filethumb="<?php echo $file['thumb']; ?>"
209
- filesize="<?php echo $file['size']; ?>"
210
- filetype="<?php echo strtoupper($file['type']); ?>"
211
- date_modified="<?php echo $file['date_modified']; ?>"
212
- fileresolution="<?php echo $file['resolution']; ?>"
213
- fileCredit="<?php echo isset($file['credit']) ? $file['credit'] : ''; ?>"
214
- fileAperture="<?php echo isset($file['aperture']) ? $file['aperture'] : ''; ?>"
215
- fileCamera="<?php echo isset($file['camera']) ? $file['camera'] : ''; ?>"
216
- fileCaption="<?php echo isset($file['caption']) ? $file['caption'] : ''; ?>"
217
- fileIso="<?php echo isset($file['iso']) ? $file['iso'] : ''; ?>"
218
- fileOrientation="<?php echo isset($file['orientation']) ? $file['orientation'] : ''; ?>"
219
- fileCopyright="<?php echo isset($file['copyright']) ? $file['copyright'] : ''; ?>"
220
- onmouseover="onFileMOver(event, this);"
221
- onmouseout="onFileMOut(event, this);"
222
- onclick="onFileClick(event, this);"
223
- ondblclick="onFileDblClick(event, this);"
224
- ondragstart="onFileDragStart(event, this);"
225
- <?php
226
- if ($file['is_dir'] == true) {
227
- ?>
228
- ondragover="onFileDragOver(event, this);"
229
- ondrop="onFileDrop(event, this);"
230
- <?php
231
- }
232
- ?>
233
- isDir="<?php echo $file['is_dir'] == true ? 'true' : 'false'; ?>">
234
- <span class="item_numbering"><?php echo ++$i; ?></span>
235
- <span class="item_thumb">
236
- <img src="<?php echo $file['thumb']; ?>" <?php echo $key >= 24 ? 'onload="loaded()"' : ''; ?> />
237
- </span>
238
- <span class="item_icon">
239
- <img src="<?php echo $file['icon']; ?>"/>
240
- </span>
241
- <span class="item_name">
242
- <?php echo $file['name']; ?>
243
- </span>
244
- <span class="item_size">
245
- <?php echo $file['size']; ?>
246
- </span>
247
- <span class="item_date_modified">
248
- <?php echo $file['date_modified']; ?>
249
- </span>
250
- </div>
251
- <?php
252
- }
253
- ?>
254
- </div>
255
  </div>
256
  </div>
257
  </div>
258
- <div class="ctrls_bar ctrls_bar_footer">
259
- <div class="ctrls_left">
260
- <a id="select_all_images" class="ctrl_bar_btn wd-btn wd-btn-primary wd-not-image none_select" onclick="onBtnSelectAllClick();"><?php echo __('Select All', 'bwg_back'); ?></a>
261
- </div>
262
- <div class="ctrls_right">
263
- <span id="file_names_span">
264
- <span>
265
- </span>
266
  </span>
267
- <a id="add_selectid_img" class="ctrl_bar_btn btn_open wd-btn wd-btn-primary wd-btn-icon-add wd-btn-add none_select" onclick="onBtnOpenClick(event, this);"><?php echo ((isset($_REQUEST['callback']) && esc_html($_REQUEST['callback']) == 'bwg_add_image') ? __('Add selected images to gallery', 'bwg_back') : __('Add', 'bwg_back')); ?></a>
268
- <span class="ctrl_bar_empty_devider"></span>
269
- <a class="ctrl_bar_btn btn_cancel wd-btn wd-btn-primary wd-btn-icon wd-btn-cancel none_select" onclick="onBtnCancelClick(event, this);"><?php echo 'Cancel'; ?></a>
270
- </div>
271
  </div>
272
  </div>
273
- <div id="uploader">
274
- <div id="uploader_bg"></div>
275
- <div class="ctrls_bar ctrls_bar_header">
276
- <div class="ctrls_left upload_thumb">
277
- <?php echo __("Thumbnail Maximum Dimensions:", 'bwg_back'); ?>
278
- <input type="text" class="upload_thumb_dim" name="upload_thumb_width" id="upload_thumb_width" value="<?php echo $wd_bwg_options->upload_thumb_width; ?>" /> x
279
- <input type="text" class="upload_thumb_dim" name="upload_thumb_height" id="upload_thumb_height" value="<?php echo $wd_bwg_options->upload_thumb_height; ?>" /> px
280
- </div>
281
- <div class="ctrls_right">
282
- <a class="ctrl_bar_btn btn_back" onclick="onBtnBackClick(event, this);" title="<?php echo __('Back', 'bwg_back'); ?>"></a>
 
 
 
 
 
 
 
 
 
 
 
 
283
  </div>
284
- <div class="ctrls_right_img upload_thumb">
285
- <?php echo __("Image Maximum Dimensions:", 'bwg_back'); ?>
286
- <input type="text" class="upload_thumb_dim" name="upload_img_width" id="upload_img_width" value="<?php echo $wd_bwg_options->upload_img_width; ?>" /> x
287
- <input type="text" class="upload_thumb_dim" name="upload_img_height" id="upload_img_height" value="<?php echo $wd_bwg_options->upload_img_height; ?>" /> px
 
 
 
 
288
  </div>
289
- </div>
290
- <label for="jQueryUploader">
291
- <div id="uploader_hitter">
292
- <div id="drag_message">
293
- <span><?php echo __('Drag files here or click the button below','bwg_back') . '<br />' . __('to upload files','bwg_back')?></span>
294
- </div>
295
- <div id="btnBrowseContainer">
296
- <?php
297
- $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'bwg_UploadHandler', 'bwg_nonce' );
298
- $query_url = add_query_arg(array('action' => 'bwg_UploadHandler', 'dir' => (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) : '') . '/'), $query_url);
299
- ?>
300
- <input id="jQueryUploader" type="file" name="files[]"
301
- data-url="<?php echo $query_url; ?>"
302
- multiple>
303
- </div>
304
- <script>
305
- jQuery("#jQueryUploader").fileupload({
306
- dataType: "json",
307
- dropZone: jQuery("#uploader_hitter"),
308
- submit: function (e, data) {
309
- jQuery("#uploader_progress_text").removeClass("uploader_text");
310
- isUploading = true;
311
- jQuery("#uploader_progress_bar").fadeIn();
312
- },
313
- progressall: function (e, data) {
314
- var progress = parseInt(data.loaded / data.total * 100, 10);
315
- jQuery("#uploader_progress_text").text("Progress " + progress + "%");
316
- jQuery("#uploader_progress div div").css({width: progress + "%"});
317
- if (data.loaded == data.total) {
318
- isUploading = false;
319
- jQuery("#uploader_progress_bar").fadeOut(function () {
320
- jQuery("#uploader_progress_text").text(messageFilesUploadComplete);
321
- jQuery("#uploader_progress_text").addClass("uploader_text");
322
- });
323
- jQuery("#opacity_div").show();
324
- jQuery("#loading_div").show();
325
- }
326
- },
327
- stop: function (e, data) {
328
- onBtnBackClick();
329
- },
330
- done: function (e, data) {
331
- jQuery.each(data.result.files, function (index, file) {
332
- if (file.error) {
333
- alert(errorLoadingFile + ' :: ' + file.error);
334
- }
335
- if (file.error) {
336
- jQuery("#uploaded_files ul").prepend(jQuery("<li class=uploaded_item_failed>" + "<?php echo 'Upload failed' ?> :: " + file.error + "</li>"));
337
- }
338
- else {
339
- jQuery("#uploaded_files ul").prepend(jQuery("<li class=uploaded_item>" + file.name + " (<?php echo 'Uploaded' ?>)" + "</li>"));
340
- }
341
  });
342
- jQuery("#opacity_div").hide();
343
- jQuery("#loading_div").hide();
344
  }
345
- });
346
- </script>
347
- </div>
348
- </label>
349
- <div id="uploaded_files">
350
- <ul></ul>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
351
  </div>
352
- <div id="uploader_progress">
353
- <div id="uploader_progress_bar">
354
- <div></div>
355
- </div>
356
- <span id="uploader_progress_text" class="uploader_text">
357
- <?php echo __('No files to upload', 'bwg_back'); ?>
358
- </span>
359
  </div>
 
 
 
360
  </div>
361
  </div>
362
- <input type="hidden" name="task" value="" />
363
- <input type="hidden" name="extensions" value="<?php echo (isset($_REQUEST['extensions']) ? esc_html($_REQUEST['extensions']) : '*'); ?>" />
364
- <input type="hidden" name="callback" value="<?php echo (isset($_REQUEST['callback']) ? esc_html($_REQUEST['callback']) : ''); ?>" />
365
- <input type="hidden" name="sort_by" value="<?php echo $sort_by; ?>" />
366
- <input type="hidden" name="sort_order" value="<?php echo $sort_order; ?>" />
367
- <input type="hidden" name="items_view" value="<?php echo $items_view; ?>" />
368
- <input type="hidden" name="dir" value="<?php echo (isset($_REQUEST['dir']) ? str_replace('\\', '', ($_REQUEST['dir'])) : ''); ?>" />
369
- <input type="hidden" name="file_names" value="" />
370
- <input type="hidden" name="file_namesML" value="" />
371
- <input type="hidden" name="file_new_name" value="" />
372
- <input type="hidden" name="new_dir_name" value="" />
373
- <input type="hidden" name="clipboard_task" value="<?php echo $clipboard_task; ?>" />
374
- <input type="hidden" name="clipboard_files" value="<?php echo $clipboard_files; ?>" />
375
- <input type="hidden" name="clipboard_src" value="<?php echo $clipboard_src; ?>" />
376
- <input type="hidden" name="clipboard_dest" value="<?php echo $clipboard_dest; ?>" />
377
- </form>
378
- <?php
379
- include_once (WD_BWG_DIR .'/includes/bwg_pointers.php');
380
- new BWG_pointers();
381
- die();
382
- }
383
-
384
- ////////////////////////////////////////////////////////////////////////////////////////
385
- // Getters & Setters //
386
- ////////////////////////////////////////////////////////////////////////////////////////
387
- ////////////////////////////////////////////////////////////////////////////////////////
388
- // Private Methods //
389
- ////////////////////////////////////////////////////////////////////////////////////////
390
- ////////////////////////////////////////////////////////////////////////////////////////
391
- // Listeners //
392
- ////////////////////////////////////////////////////////////////////////////////////////
393
- }
6
  */
7
 
8
  class FilemanagerView {
9
+ private $controller;
10
+ private $model;
 
 
 
 
 
 
 
 
 
11
 
12
+ public function __construct($controller, $model) {
13
+ $this->controller = $controller;
14
+ $this->model = $model;
15
+ }
 
 
 
16
 
17
+ public function display() {
18
+ if (isset($_GET['filemanager_msg']) && esc_html($_GET['filemanager_msg']) != '') {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
19
  ?>
20
+ <div id="file_manager_message" style="height:40px;">
21
+ <div style="background-color: #FFEBE8; border: 1px solid #CC0000; margin: 5px 15px 2px; padding: 5px 10px;">
22
+ <strong style="font-size:14px"><?php echo esc_html(stripslashes($_GET['filemanager_msg'])); ?></strong>
23
+ </div>
24
+ </div>
25
+ <?php
26
+ $_GET['filemanager_msg'] = '';
27
+ }
28
+ global $wd_bwg_options;
29
+ $file_manager_data = $this->model->get_file_manager_data();
30
+ $items_view = $file_manager_data['session_data']['items_view'];
31
+ $sort_by = $file_manager_data['session_data']['sort_by'];
32
+ $sort_order = $file_manager_data['session_data']['sort_order'];
33
+ $clipboard_task = $file_manager_data['session_data']['clipboard_task'];
34
+ $clipboard_files = $file_manager_data['session_data']['clipboard_files'];
35
+ $clipboard_src = $file_manager_data['session_data']['clipboard_src'];
36
+ $clipboard_dest = $file_manager_data['session_data']['clipboard_dest'];
37
+ wp_print_scripts('jquery');
38
+ wp_print_scripts('jquery-ui-widget');
39
+ wp_print_scripts('wp-pointer');
40
+ wp_print_styles('admin-bar');
41
+ wp_print_styles('dashicons');
42
+ wp_print_styles('wp-admin');
43
+ wp_print_styles('buttons');
44
+ wp_print_styles('wp-auth-check');
45
+ wp_print_styles('wp-pointer');
46
+ ?>
47
+ <script src="<?php echo WD_BWG_URL; ?>/filemanager/js/jq_uploader/jquery.iframe-transport.js"></script>
48
+ <script src="<?php echo WD_BWG_URL; ?>/filemanager/js/jq_uploader/jquery.fileupload.js"></script>
49
+ <script>
50
+ var ajaxurl = "<?php echo wp_nonce_url( admin_url('admin-ajax.php'), 'addImages', 'bwg_nonce' ); ?>";
51
+ var DS = "<?php echo addslashes('/'); ?>";
52
 
53
+ var errorLoadingFile = "<?php echo __('File loading failed', 'bwg_back'); ?>";
54
 
55
+ var warningRemoveItems = "<?php echo __('Are you sure you want to permanently remove selected items?', 'bwg_back'); ?>";
56
+ var warningCancelUploads = "<?php echo __('This will cancel uploads. Continue?', 'bwg_back'); ?>";
57
 
58
+ var messageEnterDirName = "<?php echo __('Enter directory name', 'bwg_back'); ?>";
59
+ var messageEnterNewName = "<?php echo __('Enter new name', 'bwg_back'); ?>";
60
+ var messageFilesUploadComplete = "<?php echo __('Processing uploaded files...', 'bwg_back'); ?>";
61
 
62
+ var root = "<?php echo addslashes($this->controller->get_uploads_dir()); ?>";
63
+ var dir = "<?php echo (isset($_REQUEST['dir']) ? trim(esc_html($_REQUEST['dir'])) : ''); ?>";
64
+ var dirUrl = "<?php echo $this->controller->get_uploads_url() . (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) . '/' : ''); ?>";
65
+ var callback = "<?php echo (isset($_REQUEST['callback']) ? esc_html($_REQUEST['callback']) : ''); ?>";
66
+ var sortBy = "<?php echo $sort_by; ?>";
67
+ var sortOrder = "<?php echo $sort_order; ?>";
68
+ var wdb_all_files = <?php echo isset($file_manager_data["all_files"]) && json_encode($file_manager_data["all_files"]) ? json_encode($file_manager_data["all_files"]) : "''"; ?>;
69
+ var element_load_count = <?php echo isset($file_manager_data["element_load_count"]) && json_encode($file_manager_data["element_load_count"]) ? json_encode($file_manager_data["element_load_count"]) : "''"; ?>;
70
+ </script>
71
+ <script src="<?php echo WD_BWG_URL; ?>/filemanager/js/default.js?ver=<?php echo wd_bwg_version(); ?>"></script>
72
+ <link href="<?php echo WD_BWG_URL; ?>/filemanager/css/default.css?ver=<?php echo wd_bwg_version(); ?>" type="text/css" rel="stylesheet">
73
+ <?php
74
+ switch ($items_view) {
75
+ case 'list':
76
+ ?>
77
+ <link href="<?php echo WD_BWG_URL; ?>/filemanager/css/default_view_list.css?ver=<?php echo wd_bwg_version(); ?>" type="text/css" rel="stylesheet">
78
+ <?php
79
+ break;
80
+ case 'thumbs':
81
+ ?>
82
+ <link href="<?php echo WD_BWG_URL; ?>/filemanager/css/default_view_thumbs.css?ver=<?php echo wd_bwg_version(); ?>" type="text/css" rel="stylesheet">
83
+ <?php
84
+ break;
85
+ }
86
+ $i = 0;
87
+ ?>
88
+ <form id="adminForm" name="adminForm" action="" method="post">
89
+ <?php wp_nonce_field( '', 'bwg_nonce' ); ?>
90
+ <div id="wrapper">
91
+ <div id="opacity_div" style="background-color: rgba(0, 0, 0, 0.2); position: fixed; top: 0; left: 0; width: 100%; height: 100%; z-index: 99998;"></div>
92
+ <div id="loading_div" style="text-align: center; position: fixed; top: 0; left: 0; width: 100%; height: 100%; z-index: 99999;">
93
+ <img src="<?php echo WD_BWG_URL . '/images/ajax_loader.gif'; ?>" class="bwg_spider_ajax_loading" style="margin-top: 200px; width:30px;">
94
+ </div>
95
+ <div id="file_manager">
96
+ <div class="ctrls_bar ctrls_bar_header">
97
+ <div class="ctrls_left">
98
+ <a class="ctrl_bar_btn btn_up" onclick="onBtnUpClick(event, this);" title="<?php echo __('Up', 'bwg_back'); ?>"></a>
99
+ <a class="ctrl_bar_btn btn_make_dir" onclick="onBtnMakeDirClick(event, this);" title="<?php echo __('Make a directory', 'bwg_back'); ?>"></a>
100
+ <a class="ctrl_bar_btn btn_rename_item" onclick="onBtnRenameItemClick(event, this);" title="<?php echo __('Rename item', 'bwg_back'); ?>"></a>
101
+ <span class="ctrl_bar_divider"></span>
102
+ <a class="ctrl_bar_btn btn_copy" onclick="onBtnCopyClick(event, this);" title="<?php echo __('Copy', 'bwg_back'); ?>"></a>
103
+ <a class="ctrl_bar_btn btn_cut" onclick="onBtnCutClick(event, this);" title="<?php echo __('Cut', 'bwg_back'); ?>"></a>
104
+ <a class="ctrl_bar_btn btn_paste" onclick="onBtnPasteClick(event, this);" title="<?php echo __('Paste', 'bwg_back'); ?>"> </a>
105
+ <a class="ctrl_bar_btn btn_remove_items" onclick="onBtnRemoveItemsClick(event, this);" title="<?php echo __('Remove items', 'bwg_back'); ?>"></a>
106
+ <span class="ctrl_bar_divider"></span>
107
+ <span class="ctrl_bar_btn">
108
+ <a id="upload_images" class="ctrl_bar_btn wd-btn wd-btn-primary wd-btn-icon wd-btn-uplaod" onclick="onBtnShowUploaderClick(event, this);"><?php echo __('Upload files', 'bwg_back'); ?></a>
109
+ </span>
110
+ <span class="ctrl_bar_divider"></span>
111
+ <span id="search_by_name" class="ctrl_bar_btn">
112
+ <input type="search" placeholder="Search" class="ctrl_bar_btn search_by_name">
113
+ </span>
 
 
 
 
 
114
  </div>
115
+ <div class="ctrls_right">
116
+ <a class="ctrl_bar_btn btn_view_thumbs" onclick="onBtnViewThumbsClick(event, this);" title="<?php echo __('View thumbs', 'bwg_back'); ?>"></a>
117
+ <a class="ctrl_bar_btn btn_view_list" onclick="onBtnViewListClick(event, this);" title="<?php echo __('View list', 'bwg_back'); ?>"></a>
 
 
 
 
 
 
 
 
118
  </div>
119
+ </div>
120
+ <div id="path">
121
+ <?php
122
+ foreach ($file_manager_data['path_components'] as $key => $path_component) {
123
+ ?>
124
+ <a <?php echo ($key == 0) ? 'title="'. __("To change upload directory go to Options page.", 'bwg_back').'"' : ''; ?> class="path_component path_dir"
125
+ onclick="onPathComponentClick(event, this, <?php echo $key; ?>);">
126
+ <?php echo str_replace('\\', '', $path_component['name']); ?></a>
127
+ <a class="path_component path_separator"><?php echo '/'; ?></a>
128
+ <?php
129
+ }
130
+ ?>
131
+ </div>
132
+ <div id="explorer">
133
+ <div id="explorer_header_wrapper">
134
+ <div id="explorer_header_container">
135
+ <div id="explorer_header">
136
+ <span class="item_numbering"><?php echo $items_view == 'thumbs' ? __('Order by:', 'bwg') : '#'; ?></span>
137
+ <span class="item_icon"></span>
138
+ <span class="item_name" title="<?php _e('Click to sort by name', 'bwg'); ?>">
139
+ <span class="clickable" onclick="onNameHeaderClick(event, this);">
140
  <?php
141
+ echo 'Name';
142
+ if ($sort_by == 'name') {
143
  ?>
144
  <span class="sort_order_<?php echo $sort_order; ?>"></span>
145
  <?php
146
  }
147
  ?>
 
148
  </span>
149
+ </span>
150
+ <span class="item_size" title="<?php _e('Click to sort by size', 'bwg'); ?>">
151
+ <span class="clickable" onclick="onSizeHeaderClick(event, this);">
152
+ <?php
153
+ echo 'Size';
154
+ if ($sort_by == 'size') {
155
+ ?>
156
+ <span class="sort_order_<?php echo $sort_order; ?>"></span>
157
+ <?php
158
+ }
159
+ ?>
160
+ </span>
161
+ </span>
162
+ <span class="item_date_modified" title="<?php _e('Click to sort by date modified', 'bwg'); ?>">
163
+ <span class="clickable" onclick="onDateModifiedHeaderClick(event, this);">
164
+ <?php
165
+ echo 'Date modified';
166
+ if ($sort_by == 'date_modified') {
167
+ ?>
168
+ <span class="sort_order_<?php echo $sort_order; ?>"></span>
169
+ <?php
170
+ }
171
+ ?>
172
+ </span>
173
+ </span>
174
+ <span class="scrollbar_filler"></span>
175
+ </div>
176
+ </div>
177
+ </div>
178
+ <div id="explorer_body_wrapper">
179
+ <div id="explorer_body_container">
180
+ <div id="explorer_body" data-files_count="<?php echo $file_manager_data["files_count"]; ?>">
181
+ <?php
182
+ foreach ($file_manager_data['files'] as $key => $file) {
183
+ $file['name'] = esc_html($file['name']);
184
+ $file['filename'] = esc_html($file['filename']);
185
+ $file['thumb'] = esc_html($file['thumb']);
186
+ ?>
187
+ <div class="explorer_item" draggable="true"
188
+ name="<?php echo $file['name']; ?>"
189
+ filename="<?php echo $file['filename']; ?>"
190
+ alt="<?php echo $file['alt']; ?>"
191
+ filethumb="<?php echo $file['thumb']; ?>"
192
+ filesize="<?php echo $file['size']; ?>"
193
+ filetype="<?php echo strtoupper($file['type']); ?>"
194
+ date_modified="<?php echo $file['date_modified']; ?>"
195
+ fileresolution="<?php echo $file['resolution']; ?>"
196
+ fileCredit="<?php echo isset($file['credit']) ? $file['credit'] : ''; ?>"
197
+ fileAperture="<?php echo isset($file['aperture']) ? $file['aperture'] : ''; ?>"
198
+ fileCamera="<?php echo isset($file['camera']) ? $file['camera'] : ''; ?>"
199
+ fileCaption="<?php echo isset($file['caption']) ? $file['caption'] : ''; ?>"
200
+ fileIso="<?php echo isset($file['iso']) ? $file['iso'] : ''; ?>"
201
+ fileOrientation="<?php echo isset($file['orientation']) ? $file['orientation'] : ''; ?>"
202
+ fileCopyright="<?php echo isset($file['copyright']) ? $file['copyright'] : ''; ?>"
203
+ onmouseover="onFileMOver(event, this);"
204
+ onmouseout="onFileMOut(event, this);"
205
+ onclick="onFileClick(event, this);"
206
+ ondblclick="onFileDblClick(event, this);"
207
+ ondragstart="onFileDragStart(event, this);"
208
  <?php
209
+ if ($file['is_dir'] == true) {
 
210
  ?>
211
+ ondragover="onFileDragOver(event, this);"
212
+ ondrop="onFileDrop(event, this);"
213
  <?php
214
  }
215
  ?>
216
+ isDir="<?php echo $file['is_dir'] == true ? 'true' : 'false'; ?>">
217
+ <span class="item_numbering"><?php echo ++$i; ?></span>
218
+ <span class="item_thumb">
219
+ <img src="<?php echo $file['thumb']; ?>" <?php echo $key >= 24 ? 'onload="loaded()"' : ''; ?> />
220
  </span>
221
+ <span class="item_icon">
222
+ <img src="<?php echo $file['icon']; ?>"/>
223
+ </span>
224
+ <span class="item_name">
225
+ <?php echo $file['name']; ?>
226
+ </span>
227
+ <span class="item_size">
228
+ <?php echo $file['size']; ?>
229
+ </span>
230
+ <span class="item_date_modified">
231
+ <?php echo $file['date_modified']; ?>
232
+ </span>
233
+ </div>
234
  <?php
235
+ }
236
+ ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
237
  </div>
238
  </div>
239
  </div>
240
+ </div>
241
+ <div class="ctrls_bar ctrls_bar_footer">
242
+ <div class="ctrls_left">
243
+ <a id="select_all_images" class="ctrl_bar_btn wd-btn wd-btn-primary wd-not-image none_select" onclick="onBtnSelectAllClick();"><?php echo __('Select All', 'bwg_back'); ?></a>
244
+ </div>
245
+ <div class="ctrls_right">
246
+ <span id="file_names_span">
247
+ <span>
248
  </span>
249
+ </span>
250
+ <a id="add_selectid_img" class="ctrl_bar_btn btn_open wd-btn wd-btn-primary wd-btn-icon-add wd-btn-add none_select" onclick="onBtnOpenClick(event, this);"><?php echo ((isset($_REQUEST['callback']) && esc_html($_REQUEST['callback']) == 'bwg_add_image') ? __('Add selected images to gallery', 'bwg_back') : __('Add', 'bwg_back')); ?></a>
251
+ <span class="ctrl_bar_empty_devider"></span>
252
+ <a class="ctrl_bar_btn btn_cancel wd-btn wd-btn-primary wd-btn-icon wd-btn-cancel none_select" onclick="onBtnCancelClick(event, this);"><?php echo 'Cancel'; ?></a>
253
  </div>
254
  </div>
255
+ </div>
256
+ <div id="uploader">
257
+ <div id="uploader_bg"></div>
258
+ <div class="ctrls_bar ctrls_bar_header">
259
+ <div class="ctrls_left upload_thumb">
260
+ <?php echo __("Thumbnail Maximum Dimensions:", 'bwg_back'); ?>
261
+ <input type="text" class="upload_thumb_dim" name="upload_thumb_width" id="upload_thumb_width" value="<?php echo $wd_bwg_options->upload_thumb_width; ?>" /> x
262
+ <input type="text" class="upload_thumb_dim" name="upload_thumb_height" id="upload_thumb_height" value="<?php echo $wd_bwg_options->upload_thumb_height; ?>" /> px
263
+ </div>
264
+ <div class="ctrls_right">
265
+ <a class="ctrl_bar_btn btn_back" onclick="onBtnBackClick(event, this);" title="<?php echo __('Back', 'bwg_back'); ?>"></a>
266
+ </div>
267
+ <div class="ctrls_right_img upload_thumb">
268
+ <?php echo __("Image Maximum Dimensions:", 'bwg_back'); ?>
269
+ <input type="text" class="upload_thumb_dim" name="upload_img_width" id="upload_img_width" value="<?php echo $wd_bwg_options->upload_img_width; ?>" /> x
270
+ <input type="text" class="upload_thumb_dim" name="upload_img_height" id="upload_img_height" value="<?php echo $wd_bwg_options->upload_img_height; ?>" /> px
271
+ </div>
272
+ </div>
273
+ <label for="jQueryUploader">
274
+ <div id="uploader_hitter">
275
+ <div id="drag_message">
276
+ <span><?php echo __('Drag files here or click the button below','bwg_back') . '<br />' . __('to upload files','bwg_back')?></span>
277
  </div>
278
+ <div id="btnBrowseContainer">
279
+ <?php
280
+ $query_url = wp_nonce_url( admin_url('admin-ajax.php'), 'bwg_UploadHandler', 'bwg_nonce' );
281
+ $query_url = add_query_arg(array('action' => 'bwg_UploadHandler', 'dir' => (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) : '') . '/'), $query_url);
282
+ ?>
283
+ <input id="jQueryUploader" type="file" name="files[]"
284
+ data-url="<?php echo $query_url; ?>"
285
+ multiple>
286
  </div>
287
+ <script>
288
+ jQuery("#jQueryUploader").fileupload({
289
+ dataType: "json",
290
+ dropZone: jQuery("#uploader_hitter"),
291
+ submit: function (e, data) {
292
+ jQuery("#uploader_progress_text").removeClass("uploader_text");
293
+ isUploading = true;
294
+ jQuery("#uploader_progress_bar").fadeIn();
295
+ },
296
+ progressall: function (e, data) {
297
+ var progress = parseInt(data.loaded / data.total * 100, 10);
298
+ jQuery("#uploader_progress_text").text("Progress " + progress + "%");
299
+ jQuery("#uploader_progress div div").css({width: progress + "%"});
300
+ if (data.loaded == data.total) {
301
+ isUploading = false;
302
+ jQuery("#uploader_progress_bar").fadeOut(function () {
303
+ jQuery("#uploader_progress_text").text(messageFilesUploadComplete);
304
+ jQuery("#uploader_progress_text").addClass("uploader_text");
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
305
  });
306
+ jQuery("#opacity_div").show();
307
+ jQuery("#loading_div").show();
308
  }
309
+ },
310
+ stop: function (e, data) {
311
+ onBtnBackClick();
312
+ },
313
+ done: function (e, data) {
314
+ jQuery.each(data.result.files, function (index, file) {
315
+ if (file.error) {
316
+ alert(errorLoadingFile + ' :: ' + file.error);
317
+ }
318
+ if (file.error) {
319
+ jQuery("#uploaded_files ul").prepend(jQuery("<li class=uploaded_item_failed>" + "<?php echo 'Upload failed' ?> :: " + file.error + "</li>"));
320
+ }
321
+ else {
322
+ jQuery("#uploaded_files ul").prepend(jQuery("<li class=uploaded_item>" + file.name + " (<?php echo 'Uploaded' ?>)" + "</li>"));
323
+ }
324
+ });
325
+ jQuery("#opacity_div").hide();
326
+ jQuery("#loading_div").hide();
327
+ }
328
+ });
329
+ </script>
330
  </div>
331
+ </label>
332
+ <div id="uploaded_files">
333
+ <ul></ul>
334
+ </div>
335
+ <div id="uploader_progress">
336
+ <div id="uploader_progress_bar">
337
+ <div></div>
338
  </div>
339
+ <span id="uploader_progress_text" class="uploader_text">
340
+ <?php echo __('No files to upload', 'bwg_back'); ?>
341
+ </span>
342
  </div>
343
  </div>
344
+ </div>
345
+ <input type="hidden" name="task" value="" />
346
+ <input type="hidden" name="extensions" value="<?php echo (isset($_REQUEST['extensions']) ? esc_html($_REQUEST['extensions']) : '*'); ?>" />
347
+ <input type="hidden" name="callback" value="<?php echo (isset($_REQUEST['callback']) ? esc_html($_REQUEST['callback']) : ''); ?>" />
348
+ <input type="hidden" name="sort_by" value="<?php echo $sort_by; ?>" />
349
+ <input type="hidden" name="sort_order" value="<?php echo $sort_order; ?>" />
350
+ <input type="hidden" name="items_view" value="<?php echo $items_view; ?>" />
351
+ <input type="hidden" name="dir" value="<?php echo (isset($_REQUEST['dir']) ? str_replace('\\', '', ($_REQUEST['dir'])) : ''); ?>" />
352
+ <input type="hidden" name="file_names" value="" />
353
+ <input type="hidden" name="file_namesML" value="" />
354
+ <input type="hidden" name="file_new_name" value="" />
355
+ <input type="hidden" name="new_dir_name" value="" />
356
+ <input type="hidden" name="clipboard_task" value="<?php echo $clipboard_task; ?>" />
357
+ <input type="hidden" name="clipboard_files" value="<?php echo $clipboard_files; ?>" />
358
+ <input type="hidden" name="clipboard_src" value="<?php echo $clipboard_src; ?>" />
359
+ <input type="hidden" name="clipboard_dest" value="<?php echo $clipboard_dest; ?>" />
360
+ </form>
361
+ <?php
362
+ include_once (WD_BWG_DIR .'/includes/bwg_pointers.php');
363
+ new BWG_pointers();
364
+ die();
365
+ }
366
+ }
 
 
 
 
 
 
 
 
 
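--- a/framework/WDWLibrary.php
+++ b/framework/WDWLibrary.php
@@ -936,7 +936,7 @@ class WDWLibrary {
 
  public static function get_tags_rows_data($gallery_id) {
  global $wpdb;
- $row = $wpdb->get_results('Select t1.* FROM ' . $wpdb->prefix . 'terms AS t1 LEFT JOIN ' . $wpdb->prefix . 'term_taxonomy AS t2 ON t1.term_id = t2.term_id' . ($gallery_id ? ' LEFT JOIN (SELECT DISTINCT tag_id , gallery_id FROM ' . $wpdb->prefix . 'bwg_image_tag) AS t3 ON t1.term_id=t3.tag_id' : '') . ' WHERE taxonomy="bwg_tag"' . ($gallery_id ? ' AND t3.gallery_id="' . $gallery_id . '"' : ''));
+ $row = $wpdb->get_results('Select t1.* FROM ' . $wpdb->prefix . 'terms AS t1 LEFT JOIN ' . $wpdb->prefix . 'term_taxonomy AS t2 ON t1.term_id = t2.term_id' . ($gallery_id ? ' LEFT JOIN (SELECT DISTINCT tag_id , gallery_id FROM ' . $wpdb->prefix . 'bwg_image_tag) AS t3 ON t1.term_id=t3.tag_id' : '') . ' WHERE taxonomy="bwg_tag"' . ($gallery_id ? ' AND t3.gallery_id="' . $gallery_id . '"' : '') . ' ORDER BY t1.name ASC');
  return $row;
  }
 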
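Review bot: `$gallery_id` is still concatenated straight into the SQL string on the changed `$row = $wpdb->get_results(...)` line, so the query is only as safe as every caller's handling of that value, which this section does not show. Casting at the top of get_tags_rows_data with `$gallery_id = (int) $gallery_id;`, or building the clause as `$wpdb->prepare(' AND t3.gallery_id=%d', $gallery_id)`, would make the function safe whatever the caller passes. The added `ORDER BY t1.name ASC` is a fixed literal and adds no risk of its own.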
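--- a/framework/WDWLibraryEmbed.php
+++ b/framework/WDWLibraryEmbed.php
@@ -136,6 +136,7 @@ class WDWLibraryEmbed {
  $insta_host_and_id= strtok($url, '/')."/".strtok('/')."/".strtok('/')."/".strtok('/');
  $insta_host= strtok($url, '/')."/".strtok('/')."/".strtok('/')."/";
  $filename = str_replace($insta_host, "", $insta_host_and_id);
+ $thumb_filename = $filename;
 
  $get_embed_data = wp_remote_get("http://api.instagram.com/oembed?url=http://instagram.com/p/".$filename);
  if ( is_wp_error( $get_embed_data ) ) {
@@ -145,15 +146,15 @@ class WDWLibraryEmbed {
  if(empty($result)){
  return json_encode(array("error", wp_remote_retrieve_body($get_embed_data)));
  }
- list($img_width, $img_height) = @getimagesize('https://instagram.com/p/' . $filename . '/media/?size=l');
+ list($img_width, $img_height) = @getimagesize('https://instagram.com/p/' . $thumb_filename . '/media/?size=l');
  $embedData = array(
  'name' => htmlspecialchars($result->title),
  'description' => htmlspecialchars($result->title),
  'filename' => $filename,
  'url' => $url,
  'reliative_url' => $url,
- 'thumb_url' => 'https://instagram.com/p/' . $filename . '/media/?size=t',
- 'thumb' => 'https://instagram.com/p/' . $filename . '/media/?size=t',
+ 'thumb_url' => 'https://instagram.com/p/' . $thumb_filename . '/media/?size=t',
+ 'thumb' => 'https://instagram.com/p/' . $thumb_filename . '/media/?size=t',
  'size' => '',
  'filetype' => $embed_type,
  'date_modified' => date('d F Y, H:i'),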
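Review bot: `$thumb_filename` is copied from `$filename`, which is cut out of `$url` with `strtok`/`str_replace`, and it then goes unencoded into the URL passed to `getimagesize()` and into the stored `thumb_url`/`thumb` values. If `$url` can come from user input (its origin is outside these hunks), characters such as `?`, `#` or quotes survive into a server-side request and into a value that is presumably rendered later as an image source. `$thumb_filename = rawurlencode($filename);` would confine it to a single path segment. Separately, `@getimagesize()` hides a failed remote fetch, so `$img_width` and `$img_height` can be null, and whatever uses them outside the hunk should tolerate that. The enclosing function starts and ends outside the hunks.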
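--- a/frontend/views/BWGViewSlideshow.php
+++ b/frontend/views/BWGViewSlideshow.php
@@ -600,31 +600,44 @@ class BWGViewSlideshow {
  function bwg_change_watermark_container_<?php echo $bwg; ?>() {
  jQuery(".bwg_slider_<?php echo $bwg; ?>").children().each(function() {
  if (jQuery(this).css("zIndex") == 2) {
+ /* For images.*/
  var bwg_current_image_span = jQuery(this).find("img");
- if (!bwg_current_image_span.length) {
- bwg_current_image_span = jQuery(this).find("iframe");
- }
- if (!bwg_current_image_span.length) {
- bwg_current_image_span = jQuery(this).find("video");
- }
- var width = bwg_current_image_span.width();
- var height = bwg_current_image_span.height();
- jQuery(".bwg_slideshow_watermark_spun_<?php echo $bwg; ?>").width(width);
- jQuery(".bwg_slideshow_watermark_spun_<?php echo $bwg; ?>").height(height);
- jQuery(".bwg_slideshow_title_spun_<?php echo $bwg; ?>").width(width);
- jQuery(".bwg_slideshow_title_spun_<?php echo $bwg; ?>").height(height);
- jQuery(".bwg_slideshow_description_spun_<?php echo $bwg; ?>").width(width);
- jQuery(".bwg_slideshow_description_spun_<?php echo $bwg; ?>").height(height);
- jQuery(".bwg_slideshow_watermark_<?php echo $bwg; ?>").css({display: ''});
- if (jQuery.trim(jQuery(".bwg_slideshow_title_text_<?php echo $bwg; ?>").text())) {
- jQuery(".bwg_slideshow_title_text_<?php echo $bwg; ?>").css({display: ''});
+ if (bwg_current_image_span.length) {
+ bwg_current_image_span.load(function () {
+ var width = bwg_current_image_span.width();
+ var height = bwg_current_image_span.height();
+ bwg_change_each_watermark_container_<?php echo $bwg; ?>(width, height);
+ });
  }
- if (jQuery.trim(jQuery(".bwg_slideshow_description_text_<?php echo $bwg; ?>").text())) {
- jQuery(".bwg_slideshow_description_text_<?php echo $bwg; ?>").css({display: ''});
+ else {
+ /* For embeds and videos.*/
+ bwg_current_image_span = jQuery(this).find("iframe");
+ if (!bwg_current_image_span.length) {
+ bwg_current_image_span = jQuery(this).find("video");
+ }
+ var width = bwg_current_image_span.width();
+ var height = bwg_current_image_span.height();
+ bwg_change_each_watermark_container_<?php echo $bwg; ?>(width, height);
  }
  }
  });
  }
+ /* Set each watermark container size.*/
+ function bwg_change_each_watermark_container_<?php echo $bwg; ?>(width, height) {
+ jQuery(".bwg_slideshow_watermark_spun_<?php echo $bwg; ?>").width(width);
+ jQuery(".bwg_slideshow_watermark_spun_<?php echo $bwg; ?>").height(height);
+ jQuery(".bwg_slideshow_title_spun_<?php echo $bwg; ?>").width(width);
+ jQuery(".bwg_slideshow_title_spun_<?php echo $bwg; ?>").height(height);
+ jQuery(".bwg_slideshow_description_spun_<?php echo $bwg; ?>").width(width);
+ jQuery(".bwg_slideshow_description_spun_<?php echo $bwg; ?>").height(height);
+ jQuery(".bwg_slideshow_watermark_<?php echo $bwg; ?>").css({display: ''});
+ if (jQuery.trim(jQuery(".bwg_slideshow_title_text_<?php echo $bwg; ?>").text())) {
+ jQuery(".bwg_slideshow_title_text_<?php echo $bwg; ?>").css({display: ''});
+ }
+ if (jQuery.trim(jQuery(".bwg_slideshow_description_text_<?php echo $bwg; ?>").text())) {
+ jQuery(".bwg_slideshow_description_text_<?php echo $bwg; ?>").css({display: ''});
+ }
+ }
  var bwg_current_key_<?php echo $bwg; ?> = '<?php echo (isset($current_key) ? $current_key : ''); ?>';
  var bwg_current_filmstrip_pos_<?php echo $bwg; ?> = <?php echo $current_pos; ?>;
  /* Set filmstrip initial position.*/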
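Review bot: In the image branch of `bwg_change_watermark_container_<?php echo $bwg; ?>()`, the resize now runs only inside `bwg_current_image_span.load(...)`, so an image that has already finished loading (for example one served from cache) never fires the event and the watermark, title and description containers keep their previous size. Each call also binds one more handler to the same element, and the `.load()` event shorthand is deprecated since jQuery 1.8 and removed in 3.0. I would bind with `bwg_current_image_span.one("load", function () { ... })` and call `bwg_change_each_watermark_container_<?php echo $bwg; ?>(...)` straight away when `bwg_current_image_span[0].complete` is true. Separately, the unchanged line `var bwg_current_key_<?php echo $bwg; ?> = '<?php echo (isset($current_key) ? $current_key : ''); ?>';` prints a PHP value into a quoted JavaScript string without `esc_js()`; where `$current_key` comes from is not visible in this section, so that is worth confirming.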
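--- a/photo-gallery.php
+++ b/photo-gallery.php
@@ -4,7 +4,7 @@
  * Plugin Name: Photo Gallery
  * Plugin URI: https://web-dorado.com/products/wordpress-photo-gallery-plugin.html
  * Description: This plugin is a fully responsive gallery plugin with advanced functionality. It allows having different image galleries for your posts and pages. You can create unlimited number of galleries, combine them into albums, and provide descriptions and tags.
- * Version: 1.3.42
+ * Version: 1.3.43
  * Author: Photo Gallery Team
  * Author URI: https://web-dorado.com/
  * License: GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
@@ -1701,7 +1701,7 @@ function bwg_activate() {
  ));
  }
  $version = get_option('wd_bwg_version');
- $new_version = '1.3.42';
+ $new_version = '1.3.43';
  if ($version && version_compare($version, $new_version, '<')) {
  require_once WD_BWG_DIR . "/update/bwg_update.php";
  bwg_update($version);
@@ -1753,7 +1753,7 @@ wp_oembed_add_provider( '#https://instagr(\.am|am\.com)/p/.*#i', 'https://api.in
 
  function bwg_update_hook() {
  $version = get_option('wd_bwg_version');
- $new_version = '1.3.42';
+ $new_version = '1.3.43';
  if ($version && version_compare($version, $new_version, '<')) {
  require_once WD_BWG_DIR . "/update/bwg_update.php";
  bwg_update($version);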
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://web-dorado.com/products/wordpress-photo-gallery-plugin.html
4
  Tags: gallery, photo gallery, image gallery, responsive gallery, wordpress gallery plugin, photo albums, gallery slider, gallery lightbox, wordpress photo gallery plugin, fullscreen gallery, watermarking, video gallery
5
  Requires at least: 3.4
6
  Tested up to: 4.7
7
- Stable tag: 1.3.42
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -188,6 +188,12 @@ To enable the feature of adding Media Library images, go to Photo Gallery > Opti
188
 
189
  == Changelog ==
190
 
 
 
 
 
 
 
191
  = 1.3.42 =
192
  * Fixed: Scroll load with more than one gallery in a page.
193
 
4
  Tags: gallery, photo gallery, image gallery, responsive gallery, wordpress gallery plugin, photo albums, gallery slider, gallery lightbox, wordpress photo gallery plugin, fullscreen gallery, watermarking, video gallery
5
  Requires at least: 3.4
6
  Tested up to: 4.7
7
+ Stable tag: 1.3.43
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
188
 
189
  == Changelog ==
190
 
191
+ = 1.3.43 =
192
+ * Fixed: Security issue in filemanager.
193
+ * Fixed: Image title/description direction in Slideshow view after image change.
194
+ * Fixed: Instagram video thumbnail.
195
+ * Fixed: Tags order by name in tags search list.
196
+
197
  = 1.3.42 =
198
  * Fixed: Scroll load with more than one gallery in a page.
199