Responsive Lightbox & Gallery - Version 1.7.2

Version Description

  • Fix: Cross-site scripting (XSS) vulnerability
  • Tweak: Improved Jetpack gallery compatibility
Download this release

Release Info

Developer dfactory
Plugin Icon 128x128 Responsive Lightbox & Gallery
Version 1.7.2
Comparing to
See all releases

Code changes from version 1.7.1 to 1.7.2

Files changed (4) hide show
  1. includes/class-frontend.php +6 -5
  2. includes/class-settings.php +2 -2
  3. readme.txt +7 -6
  4. responsive-lightbox.php +3 -3
includes/class-frontend.php CHANGED
@@ -21,7 +21,8 @@ class Responsive_Lightbox_Frontend {
21
  add_filter( 'post_gallery', array( $this, 'gallery_attributes' ), 1000 );
22
  add_filter( 'the_content', array( $this, 'add_links_lightbox_selector' ) );
23
  add_filter( 'the_content', array( $this, 'add_videos_lightbox_selector' ) );
24
- add_filter( 'the_content', array( $this, 'add_custom_gallery_lightbox_selector' ), 2000, 2 );
 
25
  add_filter( 'wp_get_attachment_link', array( $this, 'add_gallery_lightbox_selector' ), 1000, 6 );
26
  add_filter( 'woocommerce_single_product_image_html', array( $this, 'woocommerce_single_product_image_html' ), 100 );
27
  add_filter( 'woocommerce_single_product_image_thumbnail_html', array( $this, 'woocommerce_single_product_image_thumbnail_html' ), 100 );
@@ -140,11 +141,9 @@ class Responsive_Lightbox_Frontend {
140
  */
141
  public function add_custom_gallery_lightbox_selector( $content ) {
142
  if ( Responsive_Lightbox()->options['settings']['force_custom_gallery'] ) {
143
-
144
  preg_match_all( '/<a(.*?)href=(?:\'|")([^<]*?).(bmp|gif|jpeg|jpg|png)(?:\'|")(.*?)>/i', $content, $links );
145
 
146
  if ( isset( $links[0] ) ) {
147
-
148
  foreach ( $links[0] as $id => $link ) {
149
  // gallery image title
150
  $title = '';
@@ -171,14 +170,16 @@ class Responsive_Lightbox_Frontend {
171
  // do not modify this link
172
  if ( $result[1] === 'norl' )
173
  continue;
174
-
175
  $content = str_replace( $link, preg_replace( '/(?:data-rel)=(?:\'|")(.*?)(?:\'|")/', 'data-rel="' . Responsive_Lightbox()->options['settings']['selector'] . '-gallery-' . base64_encode( $result[1] ) . '"' . ( ! empty ( $title ) ? ' title="' . esc_attr( $title ) . '"' : '' ) . ( Responsive_Lightbox()->options['settings']['script'] === 'imagelightbox' ? ' data-imagelightbox="' . $id . '"' : '' ), $link ), $content );
176
  } elseif ( preg_match( '/<a.*?(?:rel)=(?:\'|")(.*?)(?:\'|").*?>/', $link, $result ) === 1 ) {
177
  // do not modify this link
178
  if ( $result[1] === 'norl' )
179
  continue;
180
-
181
  $content = str_replace( $link, preg_replace( '/(?:rel)=(?:\'|")(.*?)(?:\'|")/', 'data-rel="' . Responsive_Lightbox()->options['settings']['selector'] . '-gallery-' . base64_encode( $result[1] ) . '"' . ( ! empty ( $title ) ? ' title="' . esc_attr( $title ) . '"' : '' ) . ( Responsive_Lightbox()->options['settings']['script'] === 'imagelightbox' ? ' data-imagelightbox="' . $id . '"' : '' ), $link ), $content );
 
 
182
  }
183
  }
184
  }
21
  add_filter( 'post_gallery', array( $this, 'gallery_attributes' ), 1000 );
22
  add_filter( 'the_content', array( $this, 'add_links_lightbox_selector' ) );
23
  add_filter( 'the_content', array( $this, 'add_videos_lightbox_selector' ) );
24
+ add_filter( 'the_content', array( $this, 'add_custom_gallery_lightbox_selector' ), 2000 );
25
+ add_filter( 'post_gallery', array( $this, 'add_custom_gallery_lightbox_selector' ), 2000 );
26
  add_filter( 'wp_get_attachment_link', array( $this, 'add_gallery_lightbox_selector' ), 1000, 6 );
27
  add_filter( 'woocommerce_single_product_image_html', array( $this, 'woocommerce_single_product_image_html' ), 100 );
28
  add_filter( 'woocommerce_single_product_image_thumbnail_html', array( $this, 'woocommerce_single_product_image_thumbnail_html' ), 100 );
141
  */
142
  public function add_custom_gallery_lightbox_selector( $content ) {
143
  if ( Responsive_Lightbox()->options['settings']['force_custom_gallery'] ) {
 
144
  preg_match_all( '/<a(.*?)href=(?:\'|")([^<]*?).(bmp|gif|jpeg|jpg|png)(?:\'|")(.*?)>/i', $content, $links );
145
 
146
  if ( isset( $links[0] ) ) {
 
147
  foreach ( $links[0] as $id => $link ) {
148
  // gallery image title
149
  $title = '';
170
  // do not modify this link
171
  if ( $result[1] === 'norl' )
172
  continue;
173
+
174
  $content = str_replace( $link, preg_replace( '/(?:data-rel)=(?:\'|")(.*?)(?:\'|")/', 'data-rel="' . Responsive_Lightbox()->options['settings']['selector'] . '-gallery-' . base64_encode( $result[1] ) . '"' . ( ! empty ( $title ) ? ' title="' . esc_attr( $title ) . '"' : '' ) . ( Responsive_Lightbox()->options['settings']['script'] === 'imagelightbox' ? ' data-imagelightbox="' . $id . '"' : '' ), $link ), $content );
175
  } elseif ( preg_match( '/<a.*?(?:rel)=(?:\'|")(.*?)(?:\'|").*?>/', $link, $result ) === 1 ) {
176
  // do not modify this link
177
  if ( $result[1] === 'norl' )
178
  continue;
179
+
180
  $content = str_replace( $link, preg_replace( '/(?:rel)=(?:\'|")(.*?)(?:\'|")/', 'data-rel="' . Responsive_Lightbox()->options['settings']['selector'] . '-gallery-' . base64_encode( $result[1] ) . '"' . ( ! empty ( $title ) ? ' title="' . esc_attr( $title ) . '"' : '' ) . ( Responsive_Lightbox()->options['settings']['script'] === 'imagelightbox' ? ' data-imagelightbox="' . $id . '"' : '' ), $link ), $content );
181
+ } else {
182
+ $content = str_replace( $link, '<a' . $links[1][$id] . ' href="' . $links[2][$id] . '.' . $links[3][$id] . '" data-rel="' . Responsive_Lightbox()->options['settings']['selector'] . '-gallery-' . base64_encode( $this->gallery_no ) . '"' . ( ! empty ( $title ) ? ' title="' . esc_attr( $title ) . '"' : '' ) . ( Responsive_Lightbox()->options['settings']['script'] === 'imagelightbox' ? ' data-imagelightbox="' . $id . '"' : '' ) . $links[4][$id] . '>', $content );
183
  }
184
  }
185
  }
includes/class-settings.php CHANGED
@@ -1080,8 +1080,8 @@ class Responsive_Lightbox_Settings {
1080
  * @return void
1081
  */
1082
  public function options_page() {
1083
- $tab_key = isset( $_GET['tab'] ) ? $_GET['tab'] : 'settings';
1084
- $section_key = isset( $_GET['section'] ) ? $_GET['section'] : ( ! empty( $this->tabs[$tab_key]['default_section'] ) ? $this->tabs[$tab_key]['default_section'] : '' );
1085
 
1086
  echo '
1087
  <div class="wrap">' . screen_icon() . '
1080
  * @return void
1081
  */
1082
  public function options_page() {
1083
+ $tab_key = isset( $_GET['tab'] ) ? esc_attr( $_GET['tab'] ) : 'settings';
1084
+ $section_key = isset( $_GET['section'] ) ? esc_attr( $_GET['section'] ) : ( ! empty( $this->tabs[$tab_key]['default_section'] ) ? $this->tabs[$tab_key]['default_section'] : '' );
1085
 
1086
  echo '
1087
  <div class="wrap">' . screen_icon() . '
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://www.dfactory.eu/
4
  Tags: gallery, images, lightbox, photos, theme, photo, image, picture, slideshow, modal, overlay, video
5
  Requires at least: 4.0
6
  Tested up to: 4.7.5
7
- Stable tag: 1.7.1
8
  License: MIT License
9
  License URI: http://opensource.org/licenses/MIT
10
 
@@ -70,6 +70,10 @@ No questions yet.
70
 
71
  == Changelog ==
72
 
 
 
 
 
73
  = 1.7.1 =
74
  * New: Tos "R" Us overlay close option
75
  * Fix: License activation issues
@@ -318,8 +322,5 @@ Initial release
318
 
319
  == Upgrade Notice ==
320
 
321
- = 1.7.1 =
322
- * New: Tos "R" Us overlay close option
323
- * Fix: License activation issues
324
- * Tweak: Featherlight script update to 1.7.0
325
- * Tweak: Imagelightbox script update
4
  Tags: gallery, images, lightbox, photos, theme, photo, image, picture, slideshow, modal, overlay, video
5
  Requires at least: 4.0
6
  Tested up to: 4.7.5
7
+ Stable tag: 1.7.2
8
  License: MIT License
9
  License URI: http://opensource.org/licenses/MIT
10
 
70
 
71
  == Changelog ==
72
 
73
+ = 1.7.2 =
74
+ * Fix: Cross-site scripting (XSS) vulnerability
75
+ * Tweak: Improved Jetpack gallery compatibility
76
+
77
  = 1.7.1 =
78
  * New: Tos "R" Us overlay close option
79
  * Fix: License activation issues
322
 
323
  == Upgrade Notice ==
324
 
325
+ = 1.7.2 =
326
+ * Fix: Cross-site scripting (XSS) vulnerability
 
 
 
responsive-lightbox.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  Plugin Name: Responsive Lightbox
4
  Description: Responsive Lightbox allows users to view larger versions of images and galleries in a lightbox (overlay) effect optimized for mobile devices.
5
- Version: 1.7.1
6
  Author: dFactory
7
  Author URI: http://www.dfactory.eu/
8
  Plugin URI: http://www.dfactory.eu/plugins/responsive-lightbox/
@@ -37,7 +37,7 @@ include_once( RESPONSIVE_LIGHTBOX_PATH . 'includes/class-widgets.php' );
37
  * Responsive Lightbox class.
38
  *
39
  * @class Responsive_Lightbox
40
- * @version 1.7.1
41
  */
42
  class Responsive_Lightbox {
43
 
@@ -160,7 +160,7 @@ class Responsive_Lightbox {
160
  'gallery_fade_out' => 300
161
  )
162
  ),
163
- 'version' => '1.7.1',
164
  'activation_date' => ''
165
  );
166
  public $options = array();
2
  /*
3
  Plugin Name: Responsive Lightbox
4
  Description: Responsive Lightbox allows users to view larger versions of images and galleries in a lightbox (overlay) effect optimized for mobile devices.
5
+ Version: 1.7.2
6
  Author: dFactory
7
  Author URI: http://www.dfactory.eu/
8
  Plugin URI: http://www.dfactory.eu/plugins/responsive-lightbox/
37
  * Responsive Lightbox class.
38
  *
39
  * @class Responsive_Lightbox
40
+ * @version 1.7.2
41
  */
42
  class Responsive_Lightbox {
43
 
160
  'gallery_fade_out' => 300
161
  )
162
  ),
163
+ 'version' => '1.7.2',
164
  'activation_date' => ''
165
  );
166
  public $options = array();