Version Description
- Fixed: Minor security vulnerability.
Download this release
Release Info
| Developer | 10web |
| Plugin |  Photo Gallery by WD – Responsive Photo Gallery |
| Version | 1.6.6 |
| Comparing to | |
| See all releases | |
Code changes from version 1.6.5 to 1.6.6
admin/views/Options.php
CHANGED
|
@@ -146,8 +146,8 @@ class OptionsView_bwg extends AdminView_bwg {
|
|
| 146 |
<div class="wd-group">
|
| 147 |
<label class="wd-label" for="images_directory"><?php _e('Images directory', BWG()->prefix); ?></label>
|
| 148 |
<div class="bwg-flex">
|
| 149 |
-
<input id="images_directory" name="images_directory" type="text" style="display:inline-block; width:100%;" value="<?php echo
|
| 150 |
-
<input type="hidden" id="old_images_directory" name="old_images_directory" value="<?php echo
|
| 151 |
</div>
|
| 152 |
<p class="description"><?php _e('Provide the path of an existing folder inside the WordPress directory of your website to store uploaded images.<br />The content of the previous directory will be moved to the new one.', BWG()->prefix); ?></p>
|
| 153 |
</div>
|
| 146 |
<div class="wd-group">
|
| 147 |
<label class="wd-label" for="images_directory"><?php _e('Images directory', BWG()->prefix); ?></label>
|
| 148 |
<div class="bwg-flex">
|
| 149 |
+
<input id="images_directory" name="images_directory" type="text" style="display:inline-block; width:100%;" value="<?php echo esc_html($row->images_directory); ?>" />
|
| 150 |
+
<input type="hidden" id="old_images_directory" name="old_images_directory" value="<?php echo esc_html($row->old_images_directory); ?>" />
|
| 151 |
</div>
|
| 152 |
<p class="description"><?php _e('Provide the path of an existing folder inside the WordPress directory of your website to store uploaded images.<br />The content of the previous directory will be moved to the new one.', BWG()->prefix); ?></p>
|
| 153 |
</div>
|
frontend/controllers/controller.php
CHANGED
|
@@ -357,9 +357,8 @@ class BWGControllerSite {
|
|
| 357 |
}
|
| 358 |
|
| 359 |
if ( !isset( $params['current_url'] ) ) {
|
| 360 |
-
$params['current_url'] = trim((is_ssl() ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
|
| 361 |
}
|
| 362 |
-
|
| 363 |
$need_scroll = 0;
|
| 364 |
if( BWG()->options->front_ajax == "1" && (WDWLibrary::get('bwg_search_' . $bwg) != '' || WDWLibrary::get('filter_tag_' . $bwg) != "" || WDWLibrary::get("album_gallery_id_".$bwg) != "" || WDWLibrary::get("page_number_".$bwg)) != "" ) {
|
| 365 |
$need_scroll = 1;
|
| 357 |
}
|
| 358 |
|
| 359 |
if ( !isset( $params['current_url'] ) ) {
|
| 360 |
+
$params['current_url'] = esc_url( trim((is_ssl() ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']) );
|
| 361 |
}
|
|
|
|
| 362 |
$need_scroll = 0;
|
| 363 |
if( BWG()->options->front_ajax == "1" && (WDWLibrary::get('bwg_search_' . $bwg) != '' || WDWLibrary::get('filter_tag_' . $bwg) != "" || WDWLibrary::get("album_gallery_id_".$bwg) != "" || WDWLibrary::get("page_number_".$bwg)) != "" ) {
|
| 364 |
$need_scroll = 1;
|
frontend/views/BWGViewAlbum_compact_preview.php
CHANGED
|
@@ -77,10 +77,11 @@ class BWGViewAlbum_compact_preview extends BWGViewSite {
|
|
| 77 |
echo WDWLibrary::message(__('No results found.', BWG()->prefix), 'wd_error');
|
| 78 |
}
|
| 79 |
foreach ( $params['album_gallery_rows']['rows'] as $row ) {
|
| 80 |
-
$href = add_query_arg(array(
|
| 81 |
"type_" . $bwg => $row->def_type,
|
| 82 |
"album_gallery_id_" . $bwg => (($params['album_gallery_id'] != 0) ? $row->alb_gal_id : $row->id),
|
| 83 |
-
), $_SERVER['REQUEST_URI']);
|
|
|
|
| 84 |
$href = $this->http_strip_query_param($href, 'bwg_search_' . $bwg);
|
| 85 |
$href = $this->http_strip_query_param($href, 'page_number_' . $bwg);
|
| 86 |
$title = '<div class="bwg-title1"><div class="bwg-title2">' . ($row->name ? htmlspecialchars_decode($row->name, ENT_COMPAT | ENT_QUOTES) : ' ') . '</div></div>';
|
| 77 |
echo WDWLibrary::message(__('No results found.', BWG()->prefix), 'wd_error');
|
| 78 |
}
|
| 79 |
foreach ( $params['album_gallery_rows']['rows'] as $row ) {
|
| 80 |
+
$href = esc_url( add_query_arg(array(
|
| 81 |
"type_" . $bwg => $row->def_type,
|
| 82 |
"album_gallery_id_" . $bwg => (($params['album_gallery_id'] != 0) ? $row->alb_gal_id : $row->id),
|
| 83 |
+
), $_SERVER['REQUEST_URI']) );
|
| 84 |
+
|
| 85 |
$href = $this->http_strip_query_param($href, 'bwg_search_' . $bwg);
|
| 86 |
$href = $this->http_strip_query_param($href, 'page_number_' . $bwg);
|
| 87 |
$title = '<div class="bwg-title1"><div class="bwg-title2">' . ($row->name ? htmlspecialchars_decode($row->name, ENT_COMPAT | ENT_QUOTES) : ' ') . '</div></div>';
|
frontend/views/BWGViewAlbum_extended_preview.php
CHANGED
|
@@ -86,10 +86,10 @@ class BWGViewAlbum_extended_preview extends BWGViewSite {
|
|
| 86 |
echo WDWLibrary::message(__('No results found.', BWG()->prefix), 'wd_error');
|
| 87 |
}
|
| 88 |
foreach ( $params['album_gallery_rows']['rows'] as $row ) {
|
| 89 |
-
$href = add_query_arg(array(
|
| 90 |
"type_" . $bwg => $row->def_type,
|
| 91 |
"album_gallery_id_" . $bwg => (($params['album_gallery_id'] != 0) ? $row->alb_gal_id : $row->id),
|
| 92 |
-
), $_SERVER['REQUEST_URI']);
|
| 93 |
$href = $this->http_strip_query_param($href, 'bwg_search_' . $bwg);
|
| 94 |
$href = $this->http_strip_query_param($href, 'page_number_' . $bwg);
|
| 95 |
$resolution_thumb = $row->resolution_thumb;
|
| 86 |
echo WDWLibrary::message(__('No results found.', BWG()->prefix), 'wd_error');
|
| 87 |
}
|
| 88 |
foreach ( $params['album_gallery_rows']['rows'] as $row ) {
|
| 89 |
+
$href = esc_url( add_query_arg( array(
|
| 90 |
"type_" . $bwg => $row->def_type,
|
| 91 |
"album_gallery_id_" . $bwg => (($params['album_gallery_id'] != 0) ? $row->alb_gal_id : $row->id),
|
| 92 |
+
), $_SERVER['REQUEST_URI'] ) );
|
| 93 |
$href = $this->http_strip_query_param($href, 'bwg_search_' . $bwg);
|
| 94 |
$href = $this->http_strip_query_param($href, 'page_number_' . $bwg);
|
| 95 |
$resolution_thumb = $row->resolution_thumb;
|
frontend/views/BWGViewGalleryBox.php
CHANGED
|
@@ -805,7 +805,7 @@ class BWGViewGalleryBox {
|
|
| 805 |
}
|
| 806 |
if ($params['popup_enable_pinterest']) {
|
| 807 |
?>
|
| 808 |
-
<a id="bwg_pinterest_a" href="http://pinterest.com/pin/create/button/?s=100&url=<?php echo urlencode($share_url); ?>&media=<?php echo $share_image_url; ?>&description=<?php echo $current_image_alt . '%0A' . $current_image_description; ?>" target="_blank" title="<?php echo __('Share on Pinterest', BWG()->prefix); ?>">
|
| 809 |
<i title="<?php echo __('Share on Pinterest', BWG()->prefix); ?>" class="bwg-icon-pinterest-square bwg_ctrl_btn bwg_pinterest"></i>
|
| 810 |
</a>
|
| 811 |
<?php
|
| 805 |
}
|
| 806 |
if ($params['popup_enable_pinterest']) {
|
| 807 |
?>
|
| 808 |
+
<a id="bwg_pinterest_a" href="http://pinterest.com/pin/create/button/?s=100&url=<?php echo urlencode(urlencode($share_url)); ?>&media=<?php echo $share_image_url; ?>&description=<?php echo $current_image_alt . '%0A' . $current_image_description; ?>" target="_blank" title="<?php echo __('Share on Pinterest', BWG()->prefix); ?>">
|
| 809 |
<i title="<?php echo __('Share on Pinterest', BWG()->prefix); ?>" class="bwg-icon-pinterest-square bwg_ctrl_btn bwg_pinterest"></i>
|
| 810 |
</a>
|
| 811 |
<?php
|
photo-gallery.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: Photo Gallery
|
| 4 |
* Plugin URI: https://10web.io/plugins/wordpress-photo-gallery/?utm_source=photo_gallery&utm_medium=free_plugin
|
| 5 |
* Description: This plugin is a fully responsive gallery plugin with advanced functionality. It allows having different image galleries for your posts and pages. You can create unlimited number of galleries, combine them into albums, and provide descriptions and tags.
|
| 6 |
-
* Version: 1.6.
|
| 7 |
* Author: Photo Gallery Team
|
| 8 |
* Author URI: https://10web.io/plugins/?utm_source=photo_gallery&utm_medium=free_plugin
|
| 9 |
* License: GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
|
|
@@ -105,8 +105,8 @@ final class BWG {
|
|
| 105 |
$this->plugin_url = plugins_url(plugin_basename(dirname(__FILE__)));
|
| 106 |
$this->front_url = $this->plugin_url;
|
| 107 |
$this->main_file = plugin_basename(__FILE__);
|
| 108 |
-
$this->plugin_version = '1.6.
|
| 109 |
-
$this->db_version = '1.6.
|
| 110 |
$this->prefix = 'bwg';
|
| 111 |
$this->nicename = __('Photo Gallery', $this->prefix);
|
| 112 |
require_once($this->plugin_dir . '/framework/WDWLibrary.php');
|
| 3 |
* Plugin Name: Photo Gallery
|
| 4 |
* Plugin URI: https://10web.io/plugins/wordpress-photo-gallery/?utm_source=photo_gallery&utm_medium=free_plugin
|
| 5 |
* Description: This plugin is a fully responsive gallery plugin with advanced functionality. It allows having different image galleries for your posts and pages. You can create unlimited number of galleries, combine them into albums, and provide descriptions and tags.
|
| 6 |
+
* Version: 1.6.6
|
| 7 |
* Author: Photo Gallery Team
|
| 8 |
* Author URI: https://10web.io/plugins/?utm_source=photo_gallery&utm_medium=free_plugin
|
| 9 |
* License: GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
|
| 105 |
$this->plugin_url = plugins_url(plugin_basename(dirname(__FILE__)));
|
| 106 |
$this->front_url = $this->plugin_url;
|
| 107 |
$this->main_file = plugin_basename(__FILE__);
|
| 108 |
+
$this->plugin_version = '1.6.6';
|
| 109 |
+
$this->db_version = '1.6.6';
|
| 110 |
$this->prefix = 'bwg';
|
| 111 |
$this->nicename = __('Photo Gallery', $this->prefix);
|
| 112 |
require_once($this->plugin_dir . '/framework/WDWLibrary.php');
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: webdorado,wdsupport,photogallerysupport,10web
|
|
| 3 |
Tags: gallery, photo gallery, image gallery, responsive gallery, wordpress gallery plugin, photo albums, gallery slider, gallery lightbox, wordpress photo gallery plugin, fullscreen gallery, watermarking, video gallery
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 6.0
|
| 6 |
-
Stable tag: 1.6.
|
| 7 |
License: GPLv2 or later
|
| 8 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 9 |
|
|
@@ -282,6 +282,9 @@ Choose whether to display random or the first/last specific number of images.
|
|
| 282 |
|
| 283 |
== Changelog ==
|
| 284 |
|
|
|
|
|
|
|
|
|
|
| 285 |
= 1.6.5 =
|
| 286 |
* Fixed: Image upload error.
|
| 287 |
|
| 3 |
Tags: gallery, photo gallery, image gallery, responsive gallery, wordpress gallery plugin, photo albums, gallery slider, gallery lightbox, wordpress photo gallery plugin, fullscreen gallery, watermarking, video gallery
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 6.0
|
| 6 |
+
Stable tag: 1.6.6
|
| 7 |
License: GPLv2 or later
|
| 8 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 9 |
|
| 282 |
|
| 283 |
== Changelog ==
|
| 284 |
|
| 285 |
+
= 1.6.6 =
|
| 286 |
+
* Fixed: Minor security vulnerability.
|
| 287 |
+
|
| 288 |
= 1.6.5 =
|
| 289 |
* Fixed: Image upload error.
|
| 290 |
|
wd/wd.php
CHANGED
|
@@ -87,7 +87,7 @@ class TenWebLibNew {
|
|
| 87 |
|
| 88 |
public function init_classes() {
|
| 89 |
$wd_options = $this->config;
|
| 90 |
-
$current_url = $_SERVER['REQUEST_URI'];
|
| 91 |
if ( $wd_options->deactivate === TRUE ) {
|
| 92 |
if ( strpos($current_url, "plugins.php") !== FALSE ) {
|
| 93 |
new TenWebNewLibDeactivate($this->config);
|
| 87 |
|
| 88 |
public function init_classes() {
|
| 89 |
$wd_options = $this->config;
|
| 90 |
+
$current_url = esc_url($_SERVER['REQUEST_URI']);
|
| 91 |
if ( $wd_options->deactivate === TRUE ) {
|
| 92 |
if ( strpos($current_url, "plugins.php") !== FALSE ) {
|
| 93 |
new TenWebNewLibDeactivate($this->config);
|
