Slideshow Gallery - Version 1.4.7

Version Description

  • ADD: Recommended plugin under configuration
  • IMPROVE: TimThumb absolute URLs to prevent permission problems
  • IMPROVE: Allow long filenames for custom slides
  • IMPROVE: Replace direct Ajax calls with wp_ajax_
  • IMPROVE: Prefill the post ID in the TinyMCE dialog with ID of current post
  • FIX: Spaces in filenames uploaded to post/page breaks images
  • FIX: Remove all wp-config.php and wp-load.php references
  • FIX: Possible shell exploit by uploading PHP file as slide
  • FIX: Colorbox script should only load with this featured turned on
  • FIX: Thumbnails On/Off setting doesn't work
Download this release

Release Info

Developer contrid
Plugin Icon 128x128 Slideshow Gallery
Version 1.4.7
Comparing to
See all releases

Code changes from version 1.4.6 to 1.4.7

Files changed (10) hide show
  1. helpers/metabox.php +4 -0
  2. images/plugins/newsletters.png +0 -0
  3. js/tinymce/editor_plugin.js +2 -3
  4. models/slide.php +25 -13
  5. readme.txt +13 -1
  6. slideshow-gallery-ajax.php +0 -43
  7. slideshow-gallery-plugin.php +40 -1
  8. slideshow-gallery.php +5 -1
  9. views/admin/metaboxes/settings-plugins.php +13 -0
  10. js/tinymce/dialog.php → views/admin/tinymce-dialog.php +165 -174
helpers/metabox.php CHANGED
@@ -17,6 +17,10 @@ class GalleryMetaboxHelper extends GalleryPlugin {
17
  $this -> render('metaboxes' . DS . 'settings-about', false, true, 'admin');
18
  }
19
 
 
 
 
 
20
  function settings_general() {
21
  $this -> render('metaboxes' . DS . 'settings-general', false, true, 'admin');
22
  }
17
  $this -> render('metaboxes' . DS . 'settings-about', false, true, 'admin');
18
  }
19
 
20
+ function settings_plugins() {
21
+ $this -> render('metaboxes' . DS . 'settings-plugins', false, true, 'admin');
22
+ }
23
+
24
  function settings_general() {
25
  $this -> render('metaboxes' . DS . 'settings-general', false, true, 'admin');
26
  }
images/plugins/newsletters.png ADDED
Binary file
js/tinymce/editor_plugin.js CHANGED
@@ -11,9 +11,9 @@
11
  init: function(ed, url) {
12
  ed.addCommand('mcegallery', function() {
13
  ed.windowManager.open({
14
- file : url + '/dialog.php',
15
  width : 500,
16
- height : 300,
17
  inline : 1
18
  }, {
19
  plugin_url : url // Plugin absolute URL
@@ -24,7 +24,6 @@
24
  ed.addButton('gallery', {
25
  title : 'gallery.desc',
26
  cmd : 'mcegallery',
27
- //image : url + '/gallery.png'
28
  });
29
  },
30
  createControl : function(n, cm) {
11
  init: function(ed, url) {
12
  ed.addCommand('mcegallery', function() {
13
  ed.windowManager.open({
14
+ file : slideshowajax + '?action=slideshow_tinymce',
15
  width : 500,
16
+ height : 350,
17
  inline : 1
18
  }, {
19
  plugin_url : url // Plugin absolute URL
24
  ed.addButton('gallery', {
25
  title : 'gallery.desc',
26
  cmd : 'mcegallery',
 
27
  });
28
  },
29
  createControl : function(n, cm) {
models/slide.php CHANGED
@@ -16,9 +16,9 @@ class GallerySlide extends GalleryDbHelper {
16
  'description' => "TEXT NOT NULL",
17
  'showinfo' => "VARCHAR(50) NOT NULL DEFAULT 'both'",
18
  'iopacity' => "INT(11) NOT NULL DEFAULT '70'",
19
- 'image' => "VARCHAR(50) NOT NULL DEFAULT ''",
20
  'type' => "ENUM('file','url') NOT NULL DEFAULT 'file'",
21
- 'image_url' => "VARCHAR(200) NOT NULL DEFAULT ''",
22
  'uselink' => "ENUM('Y','N') NOT NULL DEFAULT 'N'",
23
  'linktarget' => "ENUM('self','blank') NOT NULL DEFAULT 'self'",
24
  'link' => "VARCHAR(200) NOT NULL DEFAULT ''",
@@ -120,19 +120,31 @@ class GallerySlide extends GalleryDbHelper {
120
  $imagepath = GalleryHtmlHelper::uploads_path() . DS . 'slideshow-gallery' . DS;
121
  $imagefull = $imagepath . $imagename;
122
 
123
- if (!is_uploaded_file($_FILES['image_file']['tmp_name'])) { $this -> errors['image_file'] = __('The image did not upload, please try again', $this -> plugin_name); }
124
- elseif (!move_uploaded_file($_FILES['image_file']['tmp_name'], $imagefull)) { $this -> errors['image_file'] = __('Image could not be moved from TMP to "wp-content/uploads/", please check permissions', $this -> plugin_name); }
125
- else {
126
- @chmod($imagefull, 0644);
127
-
128
- $this -> data -> image = $imagename;
129
- $imagespath = $this -> get_option('imagespath');
130
- if (empty($imagespath)) {
131
- $this -> image_path = GalleryHtmlHelper::uploads_path() . DS . 'slideshow-gallery' . DS . $imagename;
132
- } else {
133
- $this -> image_path = rtrim($imagespath, DS) . DS . $imagename;
134
  }
135
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
136
  } else {
137
  switch ($_FILES['image_file']['error']) {
138
  case UPLOAD_ERR_INI_SIZE :
16
  'description' => "TEXT NOT NULL",
17
  'showinfo' => "VARCHAR(50) NOT NULL DEFAULT 'both'",
18
  'iopacity' => "INT(11) NOT NULL DEFAULT '70'",
19
+ 'image' => "TEXT NOT NULL",
20
  'type' => "ENUM('file','url') NOT NULL DEFAULT 'file'",
21
+ 'image_url' => "TEXT NOT NULL",
22
  'uselink' => "ENUM('Y','N') NOT NULL DEFAULT 'N'",
23
  'linktarget' => "ENUM('self','blank') NOT NULL DEFAULT 'self'",
24
  'link' => "VARCHAR(200) NOT NULL DEFAULT ''",
120
  $imagepath = GalleryHtmlHelper::uploads_path() . DS . 'slideshow-gallery' . DS;
121
  $imagefull = $imagepath . $imagename;
122
 
123
+ $issafe = false;
124
+ $mimes = get_allowed_mime_types();
125
+ foreach ($mimes as $type => $mime) {
126
+ if (strpos($type, $image_ext) !== false) {
127
+ $issafe = true;
 
 
 
 
 
 
128
  }
129
  }
130
+
131
+ if (empty($issafe) || $issafe == false) {
132
+ $this -> errors['image_file'] = __('This file type is not allowed for security reasons', $this -> plugin_name);
133
+ } else {
134
+ if (!is_uploaded_file($_FILES['image_file']['tmp_name'])) { $this -> errors['image_file'] = __('The image did not upload, please try again', $this -> plugin_name); }
135
+ elseif (!move_uploaded_file($_FILES['image_file']['tmp_name'], $imagefull)) { $this -> errors['image_file'] = __('Image could not be moved from TMP to "wp-content/uploads/", please check permissions', $this -> plugin_name); }
136
+ else {
137
+ @chmod($imagefull, 0644);
138
+
139
+ $this -> data -> image = $imagename;
140
+ $imagespath = $this -> get_option('imagespath');
141
+ if (empty($imagespath)) {
142
+ $this -> image_path = GalleryHtmlHelper::uploads_path() . DS . 'slideshow-gallery' . DS . $imagename;
143
+ } else {
144
+ $this -> image_path = rtrim($imagespath, DS) . DS . $imagename;
145
+ }
146
+ }
147
+ }
148
  } else {
149
  switch ($_FILES['image_file']['error']) {
150
  case UPLOAD_ERR_INI_SIZE :
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://tribulant.com/
4
  Tags: wordpress plugins, wordpress slideshow gallery, slides, slideshow, image gallery, images, gallery, featured content, content gallery, javascript, javascript slideshow, slideshow gallery
5
  Requires at least: 3.1
6
  Tested up to: 3.9.2
7
- Stable tag: 1.4.6
8
 
9
  Feature content in a JavaScript powered slideshow gallery showcase on your WordPress website
10
 
@@ -126,6 +126,18 @@ There is an "Images Tester" utility under Slideshow > Configuration on the right
126
 
127
  == Changelog ==
128
 
 
 
 
 
 
 
 
 
 
 
 
 
129
  = 1.4.6 =
130
  * ADD: Featured content. Display a slide for each post with it's featured image
131
  * ADD: Auto height setting to adjust height for each slide
4
  Tags: wordpress plugins, wordpress slideshow gallery, slides, slideshow, image gallery, images, gallery, featured content, content gallery, javascript, javascript slideshow, slideshow gallery
5
  Requires at least: 3.1
6
  Tested up to: 3.9.2
7
+ Stable tag: 1.4.7
8
 
9
  Feature content in a JavaScript powered slideshow gallery showcase on your WordPress website
10
 
126
 
127
  == Changelog ==
128
 
129
+ = 1.4.7 =
130
+ * ADD: Recommended plugin under configuration
131
+ * IMPROVE: TimThumb absolute URLs to prevent permission problems
132
+ * IMPROVE: Allow long filenames for custom slides
133
+ * IMPROVE: Replace direct Ajax calls with wp_ajax_
134
+ * IMPROVE: Prefill the post ID in the TinyMCE dialog with ID of current post
135
+ * FIX: Spaces in filenames uploaded to post/page breaks images
136
+ * FIX: Remove all wp-config.php and wp-load.php references
137
+ * FIX: Possible shell exploit by uploading PHP file as slide
138
+ * FIX: Colorbox script should only load with this featured turned on
139
+ * FIX: Thumbnails On/Off setting doesn't work
140
+
141
  = 1.4.6 =
142
  * ADD: Featured content. Display a slide for each post with it's featured image
143
  * ADD: Auto height setting to adjust height for each slide
slideshow-gallery-ajax.php DELETED
@@ -1,43 +0,0 @@
1
- <?php
2
-
3
- if (!defined('DS')) { define('DS', DIRECTORY_SEPARATOR); }
4
-
5
- $root = __FILE__;
6
- for ($i = 0; $i < 4; $i++) $root = dirname($root);
7
- require_once($root . DS . 'wp-config.php');
8
- require_once(ABSPATH . 'wp-admin' . DS . 'includes' . DS . 'admin.php');
9
-
10
- class GalleryAjax extends GalleryPlugin {
11
-
12
- var $safecommands = array('slides_order');
13
-
14
- function GalleryAjax($cmd) {
15
- $this -> register_plugin('slideshow-gallery', __FILE__);
16
-
17
- if (!empty($cmd)) {
18
- if (in_array($cmd, $this -> safecommands) || current_user_can('gallery_slides')) {
19
- if (method_exists($this, $cmd)) {
20
- $this -> $cmd();
21
- }
22
- }
23
- }
24
- }
25
-
26
- function slides_order() {
27
- if (!empty($_REQUEST['item'])) {
28
- foreach ($_REQUEST['item'] as $order => $slide_id) {
29
- if (empty($_REQUEST['gallery_id'])) {
30
- $this -> Slide -> save_field('order', ($order + 1), array('id' => $slide_id));
31
- } else {
32
- $this -> GallerySlides -> save_field('order', ($order + 1), array('slide_id' => $slide_id, 'gallery_id' => $_REQUEST['gallery_id']));
33
- }
34
- }
35
-
36
- _e('Slides have been ordered', $this -> plugin_name);
37
- }
38
- }
39
- }
40
-
41
- $GalleryAjax = new GalleryAjax($_GET['cmd']);
42
-
43
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
slideshow-gallery-plugin.php CHANGED
@@ -2,7 +2,7 @@
2
 
3
  class GalleryPlugin {
4
 
5
- var $version = '1.4.6';
6
  var $plugin_name;
7
  var $plugin_base;
8
  var $pre = 'Gallery';
@@ -63,6 +63,13 @@ class GalleryPlugin {
63
  die();
64
  }
65
 
 
 
 
 
 
 
 
66
  function init_class($name = null, $params = array()) {
67
  if (!empty($name)) {
68
  $name = $this -> pre . $name;
@@ -117,6 +124,36 @@ class GalleryPlugin {
117
  }
118
  }
119
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
120
  function initialize_options() {
121
  if (!is_admin()) { return; }
122
 
@@ -392,6 +429,8 @@ class GalleryPlugin {
392
  if ($_GET['page'] == "slideshow-slides" && $_GET['method'] == "order") {
393
  wp_enqueue_script('jquery-ui-sortable');
394
  }
 
 
395
  }
396
 
397
  wp_enqueue_script('colorbox', plugins_url() . '/' . $this -> plugin_name . '/js/colorbox.js', array('jquery'), '1.3.19');
2
 
3
  class GalleryPlugin {
4
 
5
+ var $version = '1.4.7';
6
  var $plugin_name;
7
  var $plugin_base;
8
  var $pre = 'Gallery';
63
  die();
64
  }
65
 
66
+ function ajax_tinymce() {
67
+ $this -> render('tinymce-dialog', false, true, 'admin');
68
+
69
+ exit();
70
+ die();
71
+ }
72
+
73
  function init_class($name = null, $params = array()) {
74
  if (!empty($name)) {
75
  $name = $this -> pre . $name;
124
  }
125
  }
126
 
127
+ function updating_plugin() {
128
+ if (!is_admin()) return;
129
+
130
+ global $wpdb;
131
+
132
+ if (!$this -> get_option('version')) {
133
+ $this -> add_option('version', $this -> version);
134
+ $this -> initialize_options();
135
+ return;
136
+ }
137
+
138
+ $cur_version = $this -> get_option('version');
139
+ $version = $this -> version;
140
+
141
+ if (version_compare($this -> version, $cur_version) === 1) {
142
+ if (version_compare($cur_version, "1.4.7") < 0) {
143
+ $this -> initialize_options();
144
+
145
+ $query = "ALTER TABLE `" . $this -> Slide -> table . "` CHANGE `image` `image` TEXT NOT NULL;";
146
+ $wpdb -> query($query);
147
+
148
+ $version = "1.4.7";
149
+ }
150
+
151
+ //the current version is older.
152
+ //lets update the database
153
+ $this -> update_option('version', $version);
154
+ }
155
+ }
156
+
157
  function initialize_options() {
158
  if (!is_admin()) { return; }
159
 
429
  if ($_GET['page'] == "slideshow-slides" && $_GET['method'] == "order") {
430
  wp_enqueue_script('jquery-ui-sortable');
431
  }
432
+
433
+ add_thickbox();
434
  }
435
 
436
  wp_enqueue_script('colorbox', plugins_url() . '/' . $this -> plugin_name . '/js/colorbox.js', array('jquery'), '1.3.19');
slideshow-gallery.php CHANGED
@@ -6,7 +6,7 @@ Plugin URI: http://wpgallery.tribulant.net
6
  Author: Tribulant Software
7
  Author URI: http://tribulant.com
8
  Description: Feature content in a JavaScript powered slideshow gallery showcase on your WordPress website. The slideshow is flexible and all aspects can easily be configured. Embedding or hardcoding the slideshow gallery is a breeze. To embed into a post/page, simply insert <code>[tribulant_slideshow]</code> into its content with an optional <code>post_id</code> parameter. To hardcode into any PHP file of your WordPress theme, simply use <code>&lt;?php if (function_exists('slideshow')) { slideshow($output = true, $post_id = false, $gallery_id = false, $params = array()); } ?&gt;</code>.
9
- Version: 1.4.6
10
  License: GNU General Public License v2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
  Tags: slideshow gallery, slideshow, gallery, slider, jquery, bfithumb, galleries, photos, images
@@ -46,6 +46,7 @@ if (!class_exists('Gallery')) {
46
 
47
  //WordPress Ajax hooks
48
  $this -> add_action('wp_ajax_slideshow_slides_order', 'ajax_slides_order', 10, 1);
 
49
 
50
  //WordPress filter hooks
51
  $this -> add_filter('mce_buttons');
@@ -56,6 +57,8 @@ if (!class_exists('Gallery')) {
56
  add_shortcode('slideshow', array($this, 'embed'));
57
  add_shortcode('tribulant_slideshow', array($this, 'embed'));
58
  }
 
 
59
  }
60
 
61
  function plugin_settings_link($links) {
@@ -98,6 +101,7 @@ if (!class_exists('Gallery')) {
98
  function admin_head_gallery_settings() {
99
  add_meta_box('submitdiv', __('Save Settings', $this -> plugin_name), array($this -> Metabox, "settings_submit"), $this -> menus['slideshow-settings'], 'side', 'core');
100
  add_meta_box('aboutdiv', __('About This Plugin', $this -> plugin_name) . $this -> Html -> help(__('More about this plugin and the creators of it', $this -> plugin_name)), array($this -> Metabox, "settings_about"), $this -> menus['slideshow-settings'], 'side', 'core');
 
101
  add_meta_box('generaldiv', __('General Settings', $this -> plugin_name) . $this -> Html -> help(__('General configuration settings for the inner workings and some default behaviours', $this -> plugin_name)), array($this -> Metabox, "settings_general"), $this -> menus['slideshow-settings'], 'normal', 'core');
102
  add_meta_box('linksimagesdiv', __('Links &amp; Images Overlay', $this -> plugin_name) . $this -> Html -> help(__('Configure the way that slides with links are opened', $this -> plugin_name)), array($this -> Metabox, "settings_linksimages"), $this -> menus['slideshow-settings'], 'normal', 'core');
103
  add_meta_box('stylesdiv', __('Appearance &amp; Styles', $this -> plugin_name) . $this -> Html -> help(__('Change the way the slideshows look so that it suits your needs', $this -> plugin_name)), array($this -> Metabox, "settings_styles"), $this -> menus['slideshow-settings'], 'normal', 'core');
6
  Author: Tribulant Software
7
  Author URI: http://tribulant.com
8
  Description: Feature content in a JavaScript powered slideshow gallery showcase on your WordPress website. The slideshow is flexible and all aspects can easily be configured. Embedding or hardcoding the slideshow gallery is a breeze. To embed into a post/page, simply insert <code>[tribulant_slideshow]</code> into its content with an optional <code>post_id</code> parameter. To hardcode into any PHP file of your WordPress theme, simply use <code>&lt;?php if (function_exists('slideshow')) { slideshow($output = true, $post_id = false, $gallery_id = false, $params = array()); } ?&gt;</code>.
9
+ Version: 1.4.7
10
  License: GNU General Public License v2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
  Tags: slideshow gallery, slideshow, gallery, slider, jquery, bfithumb, galleries, photos, images
46
 
47
  //WordPress Ajax hooks
48
  $this -> add_action('wp_ajax_slideshow_slides_order', 'ajax_slides_order', 10, 1);
49
+ $this -> add_action('wp_ajax_slideshow_tinymce', 'ajax_tinymce', 10, 1);
50
 
51
  //WordPress filter hooks
52
  $this -> add_filter('mce_buttons');
57
  add_shortcode('slideshow', array($this, 'embed'));
58
  add_shortcode('tribulant_slideshow', array($this, 'embed'));
59
  }
60
+
61
+ $this -> updating_plugin();
62
  }
63
 
64
  function plugin_settings_link($links) {
101
  function admin_head_gallery_settings() {
102
  add_meta_box('submitdiv', __('Save Settings', $this -> plugin_name), array($this -> Metabox, "settings_submit"), $this -> menus['slideshow-settings'], 'side', 'core');
103
  add_meta_box('aboutdiv', __('About This Plugin', $this -> plugin_name) . $this -> Html -> help(__('More about this plugin and the creators of it', $this -> plugin_name)), array($this -> Metabox, "settings_about"), $this -> menus['slideshow-settings'], 'side', 'core');
104
+ add_meta_box('pluginsdiv', __('Recommended Plugin', $this -> plugin_name), array($this -> Metabox, "settings_plugins"), $this -> menus['slideshow-settings'], 'side', 'core');
105
  add_meta_box('generaldiv', __('General Settings', $this -> plugin_name) . $this -> Html -> help(__('General configuration settings for the inner workings and some default behaviours', $this -> plugin_name)), array($this -> Metabox, "settings_general"), $this -> menus['slideshow-settings'], 'normal', 'core');
106
  add_meta_box('linksimagesdiv', __('Links &amp; Images Overlay', $this -> plugin_name) . $this -> Html -> help(__('Configure the way that slides with links are opened', $this -> plugin_name)), array($this -> Metabox, "settings_linksimages"), $this -> menus['slideshow-settings'], 'normal', 'core');
107
  add_meta_box('stylesdiv', __('Appearance &amp; Styles', $this -> plugin_name) . $this -> Html -> help(__('Change the way the slideshows look so that it suits your needs', $this -> plugin_name)), array($this -> Metabox, "settings_styles"), $this -> menus['slideshow-settings'], 'normal', 'core');
views/admin/metaboxes/settings-plugins.php ADDED
@@ -0,0 +1,13 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <div style="text-align:center;">
2
+ <h4><a href="https://wordpress.org/plugins/newsletters-lite/" target="_blank">WordPress Newsletter plugin LITE</a></h4>
3
+ <p>
4
+ <a href="https://wordpress.org/plugins/newsletters-lite/" target="_blank"><img src="<?php echo $this -> url(); ?>/images/plugins/newsletters.png" alt="newsletters" /></a>
5
+ </p>
6
+ <p>
7
+ Get the WordPress Newsletter plugin LITE today. It is a FREE plugin which can be installed by clicking the button below.
8
+ </p>
9
+ <p>
10
+ <a class="thickbox button button-primary button-large" href="<?php echo wp_nonce_url(admin_url('plugin-install.php?tab=plugin-information&plugin=newsletters-lite&TB_iframe=true&width=640&height=591')); ?>"><?php _e('Install Now', $this -> plugin_name); ?></a>
11
+ <a class="button button-secondary button-large" href="https://wordpress.org/plugins/newsletters-lite/" target="_blank"><?php _e('Visit Plugin page', $this -> plugin_name); ?></a>
12
+ </p>
13
+ </div>
js/tinymce/dialog.php → views/admin/tinymce-dialog.php RENAMED
@@ -1,175 +1,166 @@
1
- <?php
2
-
3
- global $wpdb;
4
-
5
- error_reporting(0);
6
- @ini_set('display_errors', 0);
7
-
8
- if (!defined('DS')) { define('DS', DIRECTORY_SEPARATOR); }
9
-
10
- $root = __FILE__;
11
- for ($i = 0; $i < 6; $i++) $root = dirname($root);
12
-
13
- if (!defined('DS')) { define('DS', DIRECTORY_SEPARATOR); }
14
- require_once($root . DS . 'wp-config.php');
15
- require_once(ABSPATH . 'wp-admin' . DS . 'includes' . DS . 'admin.php');
16
- $Gallery = new Gallery();
17
-
18
- if(!current_user_can('edit_posts')) die;
19
- do_action('admin_init');
20
-
21
- $galleriesquery = "SELECT * FROM `" . $wpdb -> prefix . "gallery_galleries` ORDER BY `title` ASC";
22
-
23
- $query_hash = md5($galleriesquery);
24
- if ($oc_galleries = wp_cache_get($query_hash, 'slideshowgallery')) {
25
- $galleries = $oc_galleries;
26
- } else {
27
- $galleries = $wpdb -> get_results($galleriesquery);
28
- wp_cache_set($query_hash, $galleries, 'slideshowgallery', 0);
29
- }
30
-
31
- $checkout_active = is_plugin_active('wp-checkout' . DS . 'wp-checkout.php');
32
-
33
- ?>
34
-
35
-
36
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
37
- <html xmlns="http://www.w3.org/1999/xhtml">
38
- <head>
39
- <title><?php _e('Insert a Slideshow Gallery', $Gallery -> plugin_name); ?></title>
40
- <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/tiny_mce_popup.js"></script>
41
- <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/utils/mctabs.js"></script>
42
- <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/utils/form_utils.js"></script>
43
- <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/utils/form_utils.js"></script>
44
- <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/jquery/jquery.js"></script>
45
- <script language="javascript" type="text/javascript">
46
-
47
- var _self = tinyMCEPopup;
48
-
49
- function insertTag () {
50
- var slideshow_type = jQuery('input[name="slideshow_type"]:checked').val();
51
- var exclude = jQuery('#exclude').val();
52
-
53
- if (slideshow_type == "post") {
54
- var post_id = jQuery('#post_id').val();
55
- if (post_id == "") { alert('<?php _e('Please fill in a post ID.', $Gallery -> plugin_name); ?>'); return false; }
56
- var tag = '[tribulant_slideshow post_id="' + post_id + '"';
57
-
58
- if (exclude != "" && exclude != "undefined" && exclude != undefined) {
59
- tag += ' exclude="' + exclude + '"';
60
- }
61
-
62
- tag += ']';
63
- } else if (slideshow_type == "custom") {
64
- var tag = '[tribulant_slideshow';
65
- if (exclude != "" && exclude != "undefined" && exclude != undefined) { tag += ' exclude="' + exclude + '"'; }
66
- tag += ']';
67
- } else if (slideshow_type == "gallery") {
68
- var gallery_id = jQuery('#gallery_id').val();
69
- if (gallery_id == "") { alert('<?php _e('Please select a gallery.', $Gallery -> plugin_name); ?>'); return false; }
70
- var tag = '[tribulant_slideshow gallery_id="' + gallery_id + '"';
71
- if (exclude != "" && exclude != "undefined" && exclude != undefined) { tag += ' exclude="' + exclude + '"'; }
72
- tag += ']';
73
- } else if (slideshow_type == "products") {
74
- var slideshow_products = jQuery('#slideshow_products').val();
75
- var slideshow_productsnumber = jQuery('#slideshow_productsnumber').val();
76
- var tag = '[tribulant_slideshow products="' + slideshow_products + '" productsnumber="' + slideshow_productsnumber + '"]';
77
- }
78
-
79
- if(window.tinyMCE) {
80
- window.tinyMCE.execCommand('mceInsertContent', false, tag);
81
- tinyMCEPopup.editor.execCommand('mceRepaint');
82
- tinyMCEPopup.close();
83
- }
84
- }
85
-
86
- function closePopup() {
87
- tinyMCEPopup.close();
88
- }
89
- </script>
90
-
91
- <style type="text/css">
92
- @import url('<?php echo $Gallery -> url(); ?>/css/admin.css');
93
- table th { vertical-align: top; }
94
- .panel_wrapper { border-top: 1px solid #909B9C; }
95
- .panel_wrapper div.current { height:auto !important; }
96
- #product-menu { width: 180px; }
97
- </style>
98
-
99
- </head>
100
- <body>
101
-
102
- <div id="wpwrap">
103
-
104
- <form onsubmit="insertTag(); return false;" action="#">
105
- <div class="panel_wrapper">
106
- <label style="font-weight:bold; cursor:pointer;"><input onclick="jQuery('#products_div').hide(); jQuery('#post_div').show(); jQuery('#gallery_div').hide();" type="radio" name="slideshow_type" value="post" id="type_post" /> <?php _e('Images From a Post', $Gallery -> plugin_name); ?></label><br/>
107
- <label style="font-weight:bold; cursor:pointer;"><input onclick="jQuery('#products_div').hide(); jQuery('#post_div').hide(); jQuery('#gallery_div').show();" type="radio" name="slideshow_type" value="gallery" id="type_gallery" /> <?php _e('Slides From a Gallery', $Gallery -> plugin_name); ?></label><br/>
108
- <label style="font-weight:bold; cursor:pointer;"><input onclick="jQuery('#products_div').hide(); jQuery('#post_div').hide(); jQuery('#gallery_div').hide();" type="radio" name="slideshow_type" value="custom" id="type_custom" /> <?php _e('All Available Slides', $Gallery -> plugin_name); ?></label><br/>
109
- <label style="font-weight:bold; cursor:pointer;"><input <?php echo (!$checkout_active) ? 'disabled="disabled"' : ''; ?> onclick="jQuery('#products_div').show(); jQuery('#post_div').hide(); jQuery('#gallery_div').hide();" type="radio" name="slideshow_type" value="products" id="type_products" /> <?php _e('Products', $Gallery -> plugin_name); ?></label>
110
- <?php if (!$checkout_active) : ?>
111
- <small>(<span class="slideshow_error"><?php echo sprintf(__('Requires the %sShopping Cart plugin%s', $Gallery -> plugin_name), '<a href="http://tribulant.com/plugins/view/10/wordpress-shopping-cart-plugin" target="_blank">', '</a>'); ?></span>)</small>
112
- <?php endif; ?>
113
-
114
- <div id="products_div" style="display:none;">
115
- <p>
116
- <label for="slideshow_products" style="font-weight:bold;"><?php _e('Products Source:', $Gallery -> plugin_name); ?></label><br/>
117
- <select name="slideshow_products" id="slideshow_products">
118
- <option value="latest"><?php _e('Latest Products', $Gallery -> plugin_name); ?></option>
119
- <option value="featured"><?php _e('Featured Products', $Gallery -> plugin_name); ?></option>
120
- </select>
121
- <br/><small><?php _e('Choose the source of the products', $Gallery -> plugin_name); ?></small>
122
- </p>
123
- <p>
124
- <label for="slideshow_productsnumber" style="font-weight:bold;"><?php _e('Number of Products:', $Gallery -> plugin_name); ?></label>
125
- <input type="text" style="width:50px;" class="" name="slideshow_productsnumber" value="10" id="slideshow_productsnumber" />
126
- <br/><small><?php _e('The number of products to display', $Gallery -> plugin_name); ?></small>
127
- </p>
128
- </div>
129
-
130
- <div id="post_div" style="display:none;">
131
- <p>
132
- <label for="post_id" style="font-weight:bold;"><?php _e('Post ID:', $Gallery -> plugin_name); ?></label><br/>
133
- <input type="text" class="" name="post_id" value="" id="post_id" /><br/>
134
- <small><?php _e('ID of the post to take images from.', $Gallery -> plugin_name); ?></small>
135
- </p>
136
- </div>
137
-
138
- <div id="gallery_div" style="display:none;">
139
- <p>
140
- <label for="gallery_id" style="font-weight:bold;"><?php _e('Gallery:', $Gallery -> plugin_name); ?></label>
141
- <select name="gallery_id" id="gallery_id">
142
- <option value=""><?php _e('- Select Gallery -', $Gallery -> plugin_name); ?></option>
143
- <?php if (!empty($galleries)) : ?>
144
- <?php foreach ($galleries as $gallery) : ?>
145
- <?php $slidescount = $wpdb -> get_var("SELECT COUNT(`id`) FROM `" . $wpdb -> prefix . "gallery_galleriesslides` WHERE `gallery_id` = '" . $gallery -> id . "'"); ?>
146
- <option value="<?php echo $gallery -> id; ?>"><?php echo __($gallery -> title); ?> (<?php echo $slidescount; ?>)</option>
147
- <?php endforeach; ?>
148
- <?php endif; ?>
149
- </select>
150
- </p>
151
- </div>
152
-
153
- <p>
154
- <label style="font-weight:bold;"><?php _e('Exclude:', $Gallery -> plugin_name); ?></label><br/>
155
- <input type="text" name="exclude" value="" id="exclude" /><br/>
156
- <small><?php _e('Comma separated IDs of attachments/slides to exclude', $Gallery -> plugin_name); ?></small>
157
- </p>
158
- </div>
159
-
160
- <p><?php echo sprintf(__('For more settings/parameters, see the %sSlideshow Gallery plugin%s page.', $Gallery -> plugin_name), '<a href="http://wordpress.org/plugins/slideshow-gallery/" target="_blank">', '</a>'); ?></p>
161
-
162
- <div class="mceActionPanel">
163
- <div style="float: left">
164
- <input type="button" id="cancel" name="cancel" value="{#cancel}" onclick="closePopup()"/>
165
- </div>
166
-
167
- <div style="float: right">
168
- <input type="button" id="insert" name="insert" value="{#insert}" onclick="insertTag()" />
169
- </div>
170
- </div>
171
- </form>
172
- </div>
173
-
174
- </body>
175
  </html>
1
+ <?php
2
+
3
+ global $wpdb;
4
+ if(!current_user_can('edit_posts')) die;
5
+
6
+ $galleriesquery = "SELECT * FROM `" . $wpdb -> prefix . "gallery_galleries` ORDER BY `title` ASC";
7
+
8
+ $query_hash = md5($galleriesquery);
9
+ if ($oc_galleries = wp_cache_get($query_hash, 'slideshowgallery')) {
10
+ $galleries = $oc_galleries;
11
+ } else {
12
+ $galleries = $wpdb -> get_results($galleriesquery);
13
+ wp_cache_set($query_hash, $galleries, 'slideshowgallery', 0);
14
+ }
15
+
16
+ $checkout_active = is_plugin_active('wp-checkout' . DS . 'wp-checkout.php');
17
+
18
+ ?>
19
+
20
+
21
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
22
+ <html xmlns="http://www.w3.org/1999/xhtml">
23
+ <head>
24
+ <title><?php _e('Insert a Slideshow Gallery', $this -> plugin_name); ?></title>
25
+ <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/tiny_mce_popup.js"></script>
26
+ <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/utils/mctabs.js"></script>
27
+ <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/utils/form_utils.js"></script>
28
+ <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/tinymce/utils/form_utils.js"></script>
29
+ <script language="javascript" type="text/javascript" src="<?php echo site_url(); ?>/wp-includes/js/jquery/jquery.js"></script>
30
+ <script language="javascript" type="text/javascript">
31
+ var _self = tinyMCEPopup;
32
+
33
+ function insertTag () {
34
+ var slideshow_type = jQuery('input[name="slideshow_type"]:checked').val();
35
+ var exclude = jQuery('#exclude').val();
36
+
37
+ if (slideshow_type == "post") {
38
+ var post_id = jQuery('#post_id').val();
39
+ if (post_id == "") { alert('<?php _e('Please fill in a post ID.', $this -> plugin_name); ?>'); return false; }
40
+ var tag = '[tribulant_slideshow post_id="' + post_id + '"';
41
+
42
+ if (exclude != "" && exclude != "undefined" && exclude != undefined) {
43
+ tag += ' exclude="' + exclude + '"';
44
+ }
45
+
46
+ tag += ']';
47
+ } else if (slideshow_type == "custom") {
48
+ var tag = '[tribulant_slideshow';
49
+ if (exclude != "" && exclude != "undefined" && exclude != undefined) { tag += ' exclude="' + exclude + '"'; }
50
+ tag += ']';
51
+ } else if (slideshow_type == "gallery") {
52
+ var gallery_id = jQuery('#gallery_id').val();
53
+ if (gallery_id == "") { alert('<?php _e('Please select a gallery.', $this -> plugin_name); ?>'); return false; }
54
+ var tag = '[tribulant_slideshow gallery_id="' + gallery_id + '"';
55
+ if (exclude != "" && exclude != "undefined" && exclude != undefined) { tag += ' exclude="' + exclude + '"'; }
56
+ tag += ']';
57
+ } else if (slideshow_type == "products") {
58
+ var slideshow_products = jQuery('#slideshow_products').val();
59
+ var slideshow_productsnumber = jQuery('#slideshow_productsnumber').val();
60
+ var tag = '[tribulant_slideshow products="' + slideshow_products + '" productsnumber="' + slideshow_productsnumber + '"]';
61
+ }
62
+
63
+ if (window.tinyMCE) {
64
+ window.tinyMCE.execCommand('mceInsertContent', false, tag);
65
+ tinyMCEPopup.editor.execCommand('mceRepaint');
66
+ tinyMCEPopup.close();
67
+ }
68
+ }
69
+
70
+ function closePopup() {
71
+ tinyMCEPopup.close();
72
+ }
73
+ </script>
74
+
75
+ <style type="text/css">
76
+ @import url('<?php echo $this -> url(); ?>/css/admin.css');
77
+ table th { vertical-align: top; }
78
+ .panel_wrapper { border-top: 1px solid #909B9C; }
79
+ .panel_wrapper div.current { height:auto !important; }
80
+ #product-menu { width: 180px; }
81
+ </style>
82
+
83
+ </head>
84
+ <body>
85
+
86
+ <div id="wpwrap">
87
+
88
+ <form onsubmit="insertTag(); return false;" action="#">
89
+ <div class="panel_wrapper">
90
+ <label style="font-weight:bold; cursor:pointer;"><input onclick="jQuery('#products_div').hide(); jQuery('#post_div').show(); jQuery('#gallery_div').hide();" type="radio" name="slideshow_type" value="post" id="type_post" /> <?php _e('Images From a Post', $this -> plugin_name); ?></label><br/>
91
+ <label style="font-weight:bold; cursor:pointer;"><input onclick="jQuery('#products_div').hide(); jQuery('#post_div').hide(); jQuery('#gallery_div').show();" type="radio" name="slideshow_type" value="gallery" id="type_gallery" /> <?php _e('Slides From a Gallery', $this -> plugin_name); ?></label><br/>
92
+ <label style="font-weight:bold; cursor:pointer;"><input onclick="jQuery('#products_div').hide(); jQuery('#post_div').hide(); jQuery('#gallery_div').hide();" type="radio" name="slideshow_type" value="custom" id="type_custom" /> <?php _e('All Available Slides', $this -> plugin_name); ?></label><br/>
93
+ <label style="font-weight:bold; cursor:pointer;"><input <?php echo (!$checkout_active) ? 'disabled="disabled"' : ''; ?> onclick="jQuery('#products_div').show(); jQuery('#post_div').hide(); jQuery('#gallery_div').hide();" type="radio" name="slideshow_type" value="products" id="type_products" /> <?php _e('Products', $this -> plugin_name); ?></label>
94
+ <?php if (!$checkout_active) : ?>
95
+ <small>(<span class="slideshow_error"><?php echo sprintf(__('Requires the %sShopping Cart plugin%s', $this -> plugin_name), '<a href="http://tribulant.com/plugins/view/10/wordpress-shopping-cart-plugin" target="_blank">', '</a>'); ?></span>)</small>
96
+ <?php endif; ?>
97
+
98
+ <div id="products_div" style="display:none;">
99
+ <p>
100
+ <label for="slideshow_products" style="font-weight:bold;"><?php _e('Products Source:', $this -> plugin_name); ?></label><br/>
101
+ <select name="slideshow_products" id="slideshow_products">
102
+ <option value="latest"><?php _e('Latest Products', $this -> plugin_name); ?></option>
103
+ <option value="featured"><?php _e('Featured Products', $this -> plugin_name); ?></option>
104
+ </select>
105
+ <br/><small><?php _e('Choose the source of the products', $this -> plugin_name); ?></small>
106
+ </p>
107
+ <p>
108
+ <label for="slideshow_productsnumber" style="font-weight:bold;"><?php _e('Number of Products:', $this -> plugin_name); ?></label>
109
+ <input type="text" style="width:50px;" class="" name="slideshow_productsnumber" value="10" id="slideshow_productsnumber" />
110
+ <br/><small><?php _e('The number of products to display', $this -> plugin_name); ?></small>
111
+ </p>
112
+ </div>
113
+
114
+ <div id="post_div" style="display:none;">
115
+ <script type="text/javascript">
116
+ jQuery(document).ready(function() {
117
+ var id = jQuery("#post_ID", window.parent.document).val();
118
+ jQuery('#post_id').attr('value', id).val(id);
119
+ });
120
+ </script>
121
+
122
+ <p>
123
+ <label for="post_id" style="font-weight:bold;"><?php _e('Post ID:', $this -> plugin_name); ?></label><br/>
124
+ <input type="text" class="" name="post_id" value="" id="post_id" /><br/>
125
+ <small><?php _e('ID of the post to take images from.', $this -> plugin_name); ?></small>
126
+ </p>
127
+ </div>
128
+
129
+ <div id="gallery_div" style="display:none;">
130
+ <p>
131
+ <label for="gallery_id" style="font-weight:bold;"><?php _e('Gallery:', $this -> plugin_name); ?></label>
132
+ <select name="gallery_id" id="gallery_id">
133
+ <option value=""><?php _e('- Select Gallery -', $this -> plugin_name); ?></option>
134
+ <?php if (!empty($galleries)) : ?>
135
+ <?php foreach ($galleries as $gallery) : ?>
136
+ <?php $slidescount = $wpdb -> get_var("SELECT COUNT(`id`) FROM `" . $wpdb -> prefix . "gallery_galleriesslides` WHERE `gallery_id` = '" . $gallery -> id . "'"); ?>
137
+ <option value="<?php echo $gallery -> id; ?>"><?php echo __($gallery -> title); ?> (<?php echo $slidescount; ?>)</option>
138
+ <?php endforeach; ?>
139
+ <?php endif; ?>
140
+ </select>
141
+ </p>
142
+ </div>
143
+
144
+ <p>
145
+ <label style="font-weight:bold;"><?php _e('Exclude:', $this -> plugin_name); ?></label><br/>
146
+ <input type="text" name="exclude" value="" id="exclude" /><br/>
147
+ <small><?php _e('Comma separated IDs of attachments/slides to exclude', $this -> plugin_name); ?></small>
148
+ </p>
149
+ </div>
150
+
151
+ <p><?php echo sprintf(__('For more settings/parameters, see the %sSlideshow Gallery plugin%s page.', $this -> plugin_name), '<a href="http://wordpress.org/plugins/slideshow-gallery/" target="_blank">', '</a>'); ?></p>
152
+
153
+ <div class="mceActionPanel">
154
+ <div style="float: left">
155
+ <input type="button" id="cancel" name="cancel" value="{#cancel}" onclick="closePopup()"/>
156
+ </div>
157
+
158
+ <div style="float: right">
159
+ <input type="button" id="insert" name="insert" value="{#insert}" onclick="insertTag()" />
160
+ </div>
161
+ </div>
162
+ </form>
163
+ </div>
164
+
165
+ </body>
 
 
 
 
 
 
 
 
 
166
  </html>