WP Photo Album Plus - Version 7.0.03.006

Version Description

= 7.0.03 =

  • This version addresses various minor bug fixes and feature requests.

= 7.0.02 =

  • This version addresses various bug fixes.
  • This version addresses various security issues.

= 7.0.01 =

  • This version addresses various minor bug fixes and feature requests.

= 7.0.00 =

  • Shortcode generators for Gutenberg added.
  • This version addresses various minor bug fixes and feature requests.
  • This version addresses various security issues.
  • To prevent spamming and give the users the opportunity to decide when they want us to email them, the mailing system has been revised. Configure Table IX-M to enable various mailing lists, and use the WPPA+ Notify widget for full user flexibility.

= 6.9.21 =

  • This version addresses various bug fixes.
  • This version addresses various security issues.

= 6.9.20 =

  • This version addresses various bug fixes.

= 6.9.19 =

  • This version addresses various minor bug fixes.

= 6.9.18 =

  • This version addresses various minor bug fixes.

= 6.9.17 =

  • This version addresses various minor bug fixes and feature requests.
  • This version addresses various security issues.

= 6.9.16 =

  • This version addresses various minor bug fixes and feature requests.
  • This version addresses various security issues.

= 6.9.15 =

  • This version addresses various minor bug fixes and feature requests.
  • This version addresses various security issues.

= 6.9.14 =

  • This version addresses various minor bug fixes and feature requests.
  • This version addresses various security issues.

= 6.9.13 =

  • Security release.

= 6.9.12 =

  • This version addresses various minor bug fixes and performance improvements.

= 6.9.11 =

  • This version addresses various minor bug fixes and performance improvements.

= 6.9.10 =

  • This version addresses various minor bug fixes and performance improvements.

= 6.9.09 =

  • Panorama support phase III.

= 6.9.08 =

  • This version addresses various minor bug fixes and feature requests.
  • Panorama support phase II.

= 6.9.07 =

  • This version addresses various minor bug fixes and feature requests.
  • Panorama support phase I.

= 6.9.06 =

  • This version addresses various minor bug fixes and feature requests.

= 6.9.05 =

  • This version addresses various minor bug fixes and feature requests.

= 6.9.04 =

  • This version addresses various minor bug fixes and feature requests.
  • Local CDN functionality has been added.

= 6.9.03 =

  • This version addresses various minor bug fixes and feature requests.

= 6.9.02 =

  • This version addresses various minor bug fixes and feature requests.

= 6.9.01 =

  • This version addresses various minor bug fixes and feature requests.

= 6.9.00 =

  • This version includes the code for the privacy policy requirements.

= 6.8.09 =

  • This version addresses various bug fixes and code edits.

= 6.8.08 =

  • This version addresses various minor bug fixes and feature requests.
  • This version offers substantial performance improvements when the box in Table IV-A13: Defer Javascript is ticked. This setting is now recommended and is ticked by default.
  • For more info on performance improvements and compatibility with optimizers, see changelog.txt.

= 6.8.07 =

  • This version addresses various minor bug fixes and enhancements, and a new widget: Statistics.

= 6.8.06 =

  • This version addresses various minor bug fixes and improved cache handling.

= 6.8.05 =

  • This version addresses various minor bug fixes and feature requests.

= 6.8.04 =

  • This version addresses various display issues and a few fixes of bugs that seldom affected the plugin's behaviour.

Release Info

Developer opajaap
Plugin WP Photo Album Plus
Version 7.0.03.006

Code changes from version 7.0.02.002 to 7.0.03.006

changelog.txt CHANGED
@@ -1,5 +1,19 @@
1
  WP Photo Album Plus Changelog
2
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
3
  = 7.0.02 =
4
 
5
  = Bug Fixes =
1
  WP Photo Album Plus Changelog
2
 
3
+ = 7.0.03 =
4
+
5
+ = Bug Fixes =
6
+
7
+ * Mail previous commented did not work. Fixed. ("SELECT DISTINCT")
8
+ * Local selection box in import page was empty. Fixed. (wp-content is a safe path in import glob)
9
+
10
+ = New Features =
11
+
12
+ * Indicators on thumbnails of media items when no control bar is present and on pdf document thumbnails.
13
+ * If you have no ImageMagick installed or your ImageMagick version does not convert .pdf to .jpg, you can now upload a self created image file (e.g. screenshot) after the upload of the .pdf file.
14
+ Names must be equal except the file-extension. .jpg and .png files are supported for this purpose.
15
+ * Direct rating and commenting. See Table IX-A14.
16
+
17
  = 7.0.02 =
18
 
19
  = Bug Fixes =
img/Document-File.svg ADDED
@@ -0,0 +1,12 @@
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
3
+ <svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
4
+ viewBox="0 0 30 30" style="enable-background:new 0 0 30 30;" xml:space="preserve">
5
+ <path d="M25.5,0h-13c-0.1,0-0.1,0-0.2,0c-0.1,0-0.1,0.1-0.2,0.1l-8,8c0,0-0.1,0.1-0.1,0.2c0,0.1,0,0.1,0,0.2v21
6
+ C4,29.8,4.2,30,4.5,30h21c0.3,0,0.5-0.2,0.5-0.5v-29C26,0.2,25.8,0,25.5,0z M12,1.7V8H5.7L12,1.7z M21.5,27h-13
7
+ C8.2,27,8,26.8,8,26.5S8.2,26,8.5,26h13c0.3,0,0.5,0.2,0.5,0.5S21.8,27,21.5,27z M21.5,23h-13C8.2,23,8,22.8,8,22.5S8.2,22,8.5,22
8
+ h13c0.3,0,0.5,0.2,0.5,0.5S21.8,23,21.5,23z M21.5,19h-13C8.2,19,8,18.8,8,18.5S8.2,18,8.5,18h13c0.3,0,0.5,0.2,0.5,0.5
9
+ S21.8,19,21.5,19z M21.5,15h-13C8.2,15,8,14.8,8,14.5S8.2,14,8.5,14h13c0.3,0,0.5,0.2,0.5,0.5S21.8,15,21.5,15z M21.5,11h-13
10
+ C8.2,11,8,10.8,8,10.5S8.2,10,8.5,10h13c0.3,0,0.5,0.2,0.5,0.5S21.8,11,21.5,11z M21.5,7h-6C15.2,7,15,6.8,15,6.5S15.2,6,15.5,6h6
11
+ C21.8,6,22,6.2,22,6.5S21.8,7,21.5,7z"/>
12
+ </svg>
img/Film-Clapper.svg ADDED
@@ -0,0 +1,24 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
3
+ <svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
4
+ viewBox="0 0 30 30" style="enable-background:new 0 0 30 30;" xml:space="preserve">
5
+ <g>
6
+ <circle cx="3" cy="13" r="3"/>
7
+ <path d="M29.5,12H7.5c-0.1,0-0.3,0.1-0.4,0.2S6.9,12.4,7,12.6l0,0.2c0,0.1,0,0.2,0,0.3c0,1.2-0.6,2.3-1.5,3.1c0,0,0,0,0,0
8
+ c-0.3,0.3-0.7,0.5-1.2,0.6C4.1,16.8,4,17,4,17.2v12.3C4,29.8,4.2,30,4.5,30h23c0.3,0,0.5-0.2,0.5-0.5V17h1.5c0.3,0,0.5-0.2,0.5-0.5
9
+ v-4C30,12.2,29.8,12,29.5,12z M24.7,13H26c0,0.1-0.1,0.1-0.1,0.2L23.2,16h-1.4L24.7,13z M8.3,21.5c0.9,0,1.7,0.8,1.7,1.8
10
+ c0,1-0.6,1.7-1.5,1.7h-1C7.2,25,7,24.8,7,24.5S7.2,24,7.5,24h1C8.8,24,9,23.8,9,23.3c0-0.4-0.3-0.8-0.7-0.8H7.5
11
+ C7.2,22.5,7,22.3,7,22v-2.5C7,19.2,7.2,19,7.5,19h2c0.3,0,0.5,0.2,0.5,0.5S9.8,20,9.5,20H8v1.5H8.3z M19.8,13h1.4l-3,3h-1.4
12
+ L19.8,13z M14.7,13h1.3c0,0.1-0.1,0.1-0.1,0.2L13.2,16h-1.4L14.7,13z M7.1,15.8L9.8,13h1.4l-2.9,3H7C7,15.9,7.1,15.9,7.1,15.8z
13
+ M13.5,27h-6C7.2,27,7,26.8,7,26.5S7.2,26,7.5,26h6c0.3,0,0.5,0.2,0.5,0.5S13.8,27,13.5,27z M14,24.5c0,0.3-0.2,0.5-0.5,0.5
14
+ S13,24.8,13,24.5V24h-1.5c-0.2,0-0.3-0.1-0.4-0.2s-0.1-0.3,0-0.5l2-4c0.1-0.2,0.4-0.3,0.7-0.2c0.2,0.1,0.3,0.4,0.2,0.7L12.3,23h1.2
15
+ c0.3,0,0.5,0.2,0.5,0.5V24.5z M24.5,27h-7c-0.3,0-0.5-0.2-0.5-0.5s0.2-0.5,0.5-0.5h7c0.3,0,0.5,0.2,0.5,0.5S24.8,27,24.5,27z
16
+ M24.5,24h-7c-0.3,0-0.5-0.2-0.5-0.5s0.2-0.5,0.5-0.5h7c0.3,0,0.5,0.2,0.5,0.5S24.8,24,24.5,24z M24.5,21h-7
17
+ c-0.3,0-0.5-0.2-0.5-0.5s0.2-0.5,0.5-0.5h7c0.3,0,0.5,0.2,0.5,0.5S24.8,21,24.5,21z M29,15.2L28.2,16h-0.7h-0.7l2.2-2.2V15.2z"/>
18
+ <path d="M4,9.1c1.2,0.3,2.3,1.2,2.7,2.4c0.1,0.2,0.3,0.3,0.5,0.3c0.1,0,0.1,0,0.2,0l20.5-7.1c0.3-0.1,0.4-0.4,0.3-0.6L27,0.3
19
+ c0-0.1-0.1-0.2-0.3-0.3C26.6,0,26.5,0,26.3,0l-2.8,1L4,8.2C3.8,8.3,3.6,8.5,3.6,8.7S3.8,9.1,4,9.1z M24.7,1.7l2,1.2l0.3,1l-0.3,0.1
20
+ l-3.2-2L24.7,1.7z M20.5,3.2l3.1,1.9c0,0,0,0,0.1,0.1l-1.2,0.4l-3-1.9c0,0-0.1-0.1-0.1-0.1L20.5,3.2z M16.1,4.8l2.8,1.7
21
+ C19,6.6,19,6.7,19.1,6.8L18,7.1l-3-1.9L16.1,4.8z M11.7,6.4l3,1.8c0,0,0,0,0,0l-1.2,0.4l-2.9-1.8c0,0,0,0,0,0L11.7,6.4z M7,8.2
22
+ L9.7,10l-1.2,0.4L5.8,8.6L7,8.2z"/>
23
+ </g>
24
+ </svg>
img/Music-Note-1.svg ADDED
@@ -0,0 +1,12 @@
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
3
+ <svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
4
+ viewBox="0 0 30 30" style="enable-background:new 0 0 30 30;" xml:space="preserve">
5
+ <g>
6
+ <path d="M27,20.8C27,20.8,27,20.8,27,20.8l0-14.5c0,0,0,0,0,0v-4c0-0.3-0.2-0.7-0.5-0.8c-0.3-0.2-0.6-0.2-0.9-0.1l-15,6.5
7
+ C10.2,8,10,8.4,10,8.8v3.5c0,0,0,0,0,0v9.9c-0.5-0.2-1.2-0.3-1.8-0.3c-0.5,0-1,0.1-1.5,0.2c-2.5,0.6-4.1,2.6-3.6,4.4
8
+ c0.3,1.4,1.9,2.4,3.8,2.4c0.5,0,1-0.1,1.5-0.2c2.2-0.6,3.7-2.1,3.7-3.8c0,0,0,0,0,0V12.9l13-5.2v10.4c-0.5-0.2-1.2-0.3-1.8-0.3
9
+ c-0.5,0-1,0.1-1.5,0.2c-2.5,0.6-4.1,2.6-3.6,4.4c0.3,1.4,1.9,2.4,3.8,2.4c0.5,0,1-0.1,1.5-0.2C25.5,24,27,22.4,27,20.8z M12,10.8
10
+ V9.4l13-5.6v1.8L12,10.8z"/>
11
+ </g>
12
+ </svg>
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: opajaap
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=OpaJaap@OpaJaap.nl&item_name=WP-Photo-Album-Plus&item_number=Support-Open-Source&currency_code=USD&lc=US
4
  Tags: photo, album, slideshow, video, audio, lightbox, iptc, exif, cloudinary, fotomoto, imagemagick, pdf
5
- Version: 7.0.02
6
- Stable tag: 7.0.01.006
7
  Author: J.N. Breetvelt
8
  Author URI: http://www.opajaap.nl/
9
  Requires at least: 3.9
@@ -137,6 +137,10 @@ See for the full changelog: <a href="http://www.wppa.nl/changelog/" >The documen
137
 
138
  == Upgrade Notice ==
139
 
 
 
 
 
140
  = 7.0.02 =
141
 
142
  * This version addresses various bug fixes
2
  Contributors: opajaap
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=OpaJaap@OpaJaap.nl&item_name=WP-Photo-Album-Plus&item_number=Support-Open-Source&currency_code=USD&lc=US
4
  Tags: photo, album, slideshow, video, audio, lightbox, iptc, exif, cloudinary, fotomoto, imagemagick, pdf
5
+ Version: 7.0.03
6
+ Stable tag: 7.0.02.002
7
  Author: J.N. Breetvelt
8
  Author URI: http://www.opajaap.nl/
9
  Requires at least: 3.9
137
 
138
  == Upgrade Notice ==
139
 
140
+ = 7,0,03 =
141
+
142
+ * This version addresses various minor bug fixes and feature requests.
143
+
144
  = 7.0.02 =
145
 
146
  * This version addresses various bug fixes
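Review bot: The new Upgrade Notice heading is written with commas, "= 7,0,03 =", while the Version line and every other heading in this file use dots; change it to "= 7.0.03 =" so the headings stay consistent. The first hunk also sets Stable tag to 7.0.02.002 while Version becomes 7.0.03; if the lag is intentional, say so in the commit message.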
wppa-admin-functions.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * gp admin functions
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -194,25 +194,25 @@ global $wpdb;
194
  // display usefull message
195
  function wppa_update_message( $msg, $fixed = false, $id = '' ) {
196
 
197
- echo '<div class="notice notice-info is-dismissible"><p>' . strip_tags( $msg, '<br><input><div><em><strong><b>' ) . '</p></div>';
198
  }
199
 
200
  // display error message
201
  function wppa_error_message( $msg ) {
202
 
203
- echo '<div class="notice notice-error is-dismissible"><p>' . strip_tags( $msg, '<br><input><div><em><strong><b>' ) . '</p></div>';
204
  }
205
 
206
  // display warning message
207
  function wppa_warning_message( $msg ) {
208
 
209
- echo '<div class="notice notice-warning is-dismissible"><p>' . strip_tags( $msg, '<br><input><div><em><strong><b>' ) . '</p></div>';
210
  }
211
 
212
  // display ok message
213
  function wppa_ok_message( $msg ) {
214
 
215
- echo '<div class="notice notice-success is-dismissible"><p>' . strip_tags( $msg, '<br><input><div><em><strong><b>' ) . '</p></div>';
216
  }
217
 
218
  function wppa_check_numeric( $value, $minval, $target, $maxval = '' ) {
@@ -723,10 +723,10 @@ global $warning_given_small;
723
 
724
  if ( ! wppa_allow_uploads( $alb ) ) {
725
  if ( is_admin() && ! wppa( 'ajax' ) ) {
726
- wppa_error_message( sprintf( __( 'Album %s is full' , 'wp-photo-album-plus'), wppa_get_album_name( $alb ) ) );
727
  }
728
  else {
729
- wppa_alert( sprintf( __( 'Album %s is full' , 'wp-photo-album-plus'), wppa_get_album_name( $alb ) ) );
730
  }
731
  return false;
732
  }
3
  * Package: wp-photo-album-plus
4
  *
5
  * gp admin functions
6
+ * Version 7.0.03
7
  *
8
  */
9
 
194
  // display usefull message
195
  function wppa_update_message( $msg, $fixed = false, $id = '' ) {
196
 
197
+ echo '<div class="notice notice-info is-dismissible"><p>' . strip_tags( $msg, '<a><br><input><div><em><strong><b>' ) . '</p></div>';
198
  }
199
 
200
  // display error message
201
  function wppa_error_message( $msg ) {
202
 
203
+ echo '<div class="notice notice-error is-dismissible"><p>' . strip_tags( $msg, '<a><br><input><div><em><strong><b>' ) . '</p></div>';
204
  }
205
 
206
  // display warning message
207
  function wppa_warning_message( $msg ) {
208
 
209
+ echo '<div class="notice notice-warning is-dismissible"><p>' . strip_tags( $msg, '<a><br><input><div><em><strong><b>' ) . '</p></div>';
210
  }
211
 
212
  // display ok message
213
  function wppa_ok_message( $msg ) {
214
 
215
+ echo '<div class="notice notice-success is-dismissible"><p>' . strip_tags( $msg, '<a><br><input><div><em><strong><b>' ) . '</p></div>';
216
  }
217
 
218
  function wppa_check_numeric( $value, $minval, $target, $maxval = '' ) {
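Review bot: Adding <a> to the strip_tags() allowlist in the four message helpers lets anchors through with all of their attributes, because strip_tags() filters on tag names only and never on attributes; the same already holds for the allowed <input> and <div>. If $msg can ever carry user-influenced text, replace these calls with wp_kses() and an explicit list of allowed tags and attributes (for <a>, only href and target), which also restricts the URL schemes that href may use.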
723
 
724
  if ( ! wppa_allow_uploads( $alb ) ) {
725
  if ( is_admin() && ! wppa( 'ajax' ) ) {
726
+ wppa_error_message( htmlentities( sprintf( __( 'Album %s is full' , 'wp-photo-album-plus'), wppa_get_album_name( $alb ) ) ) );
727
  }
728
  else {
729
+ wppa_alert( htmlentities( sprintf( __( 'Album %s is full' , 'wp-photo-album-plus'), wppa_get_album_name( $alb ) ) ) );
730
  }
731
  return false;
732
  }
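Review bot: htmlentities() is called on lines 726 and 729 with default flags and charset, and those defaults depend on the PHP version (single quotes are not encoded before PHP 8.1). Prefer esc_html() applied to the album name only, i.e. wrap wppa_get_album_name( $alb ) inside the sprintf() call, so the translated string is left untouched and only the untrusted value is escaped. For the else branch, check whether wppa_alert() already encodes its argument, to avoid double encoding.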
wppa-ajax.php CHANGED
@@ -2,7 +2,7 @@
2
  /* wppa-ajax.php
3
  *
4
  * Functions used in ajax requests
5
- * Version 7.0.01
6
  *
7
  */
8
 
@@ -32,8 +32,8 @@ global $wppa_log_file;
32
  'relcount', 'upldr', 'owner', 'rootsearch' );
33
  foreach ( $_REQUEST as $arg ) {
34
  if ( in_array( str_replace( 'wppa-', '', $arg ), $wppa_args ) ) {
35
- if ( strpos( $arg, '<?' ) !== false ) die( 'Security check failure #91' );
36
- if ( strpos( $arg, '?>' ) !== false ) die( 'Security check failure #92' );
37
  }
38
  }
39
 
@@ -68,8 +68,7 @@ global $wppa_log_file;
68
  // Check nonce or crypt
69
  if ( $nonce ) {
70
  if ( ! wp_verify_nonce( $nonce, 'wppa-ntfy-nonce' ) ) {
71
- _e( 'Security check failure', 'wp-photo-album-plus' );
72
- wppa_exit();
73
  }
74
  $user_id = wppa_get_user( 'id' );
75
  }
@@ -77,14 +76,12 @@ global $wppa_log_file;
77
  $user = get_user_by( 'ID', $user_id );
78
  if ( $user ) {
79
  if ( $crypt != crypt( $list_type . $user->ID . $user->login_name, $user->display_name ) ) {
80
- _e( 'Security check failure', 'wp-photo-album-plus' );
81
- wppa_exit();
82
  }
83
  }
84
  }
85
  else {
86
- _e( 'Security check failure', 'wp-photo-album-plus' );
87
- wppa_exit();
88
  }
89
 
90
  // Existing list type?
@@ -433,20 +430,32 @@ global $wppa_log_file;
433
 
434
  case 'do-comment':
435
 
436
- // Security check
437
  $mocc = isset( $_REQUEST['moccur'] ) ? strval( intval( $_REQUEST['moccur'] ) ) : '0';
438
- $nonce = $_REQUEST['wppa-nonce'];
439
- $photoid = isset( $_REQUEST['photo-id'] ) ? strval( intval( $_REQUEST['photo-id'] ) ) : '0';
440
  $commentid = isset( $_REQUEST['comment-edit'] ) ? strval( intval( $_REQUEST['comment-edit'] ) ) : '0';
441
 
442
- if ( ! wp_verify_nonce( $nonce, 'wppa-nonce-'.$mocc ) ) {
443
- _e( 'Security check failure' , 'wp-photo-album-plus');
444
- wppa_exit();
 
 
 
 
445
  }
446
-
447
- // Correct the fact that this is a non-admin operation, if it is only
448
- if ( is_admin() ) {
449
- require_once 'wppa-non-admin.php';
 
 
 
 
 
 
 
 
450
  }
451
 
452
  // If db agree required, see if it is present
@@ -532,7 +541,7 @@ global $wppa_log_file;
532
  echo sprintf( __( 'Failed to update stutus of photo %d' , 'wp-photo-album-plus'), $pid )."\n".__( 'Please refresh the page', 'wp-photo-album-plus' );
533
  }
534
  else {
535
- _e( 'Security check failure' , 'wp-photo-album-plus');
536
  }
537
  }
538
  if ( $cid ) {
@@ -920,13 +929,8 @@ global $wppa_log_file;
920
  break;
921
 
922
  case 'rate':
923
- // Correct the fact that this is a non-admin operation, if it is only
924
- if ( is_admin() ) {
925
- require_once 'wppa-non-admin.php';
926
- }
927
-
928
  // Get commandline args
929
- $photo = wppa_decrypt_photo( $_REQUEST['wppa-rating-id'], false, true );
930
  $photo = strval( intval( $photo ) );
931
  $rating = $_REQUEST['wppa-rating'];
932
  $occur = $_REQUEST['wppa-occur'];
@@ -940,11 +944,31 @@ global $wppa_log_file;
940
  $wartxt = __( 'Althoug an error occurred while processing your rating, your vote has been registered.' , 'wp-photo-album-plus');
941
  $wartxt .= "\n".__( 'However, this may not be reflected in the current pageview' , 'wp-photo-album-plus');
942
 
943
- // Check on validity
944
- if ( ! wp_verify_nonce( $nonce, 'wppa-check' ) ) {
945
- echo '0||100||'.$errtxt;
946
- wppa_exit(); // Nonce check failed
 
 
 
947
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
948
  if ( wppa_opt( 'rating_max' ) == '1' && $rating != '1' ) {
949
  echo '0||106||'.$errtxt.':'.$rating;
950
  wppa_exit(); // Value out of range
@@ -3668,3 +3692,10 @@ function wppa_ajax_check_range( $value, $fixed, $low, $high, $title ) {
3668
  }
3669
  }
3670
 
 
 
 
 
 
 
 
2
  /* wppa-ajax.php
3
  *
4
  * Functions used in ajax requests
5
+ * Version 7.0.03
6
  *
7
  */
8
 
32
  'relcount', 'upldr', 'owner', 'rootsearch' );
33
  foreach ( $_REQUEST as $arg ) {
34
  if ( in_array( str_replace( 'wppa-', '', $arg ), $wppa_args ) ) {
35
+ if ( strpos( $arg, '<?' ) !== false ) wppa_secfail( '91' );
36
+ if ( strpos( $arg, '?>' ) !== false ) wppa_secfail( '92' );
37
  }
38
  }
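Review bot: The guard on lines 33 to 36 looks ineffective, and this change only swaps die() for wppa_secfail(). The loop is foreach ( $_REQUEST as $arg ), so $arg is a request value, yet in_array() tests it against what appears to be a list of argument names; the checks for '<?' and '?>' therefore run only when a value equals one of those names, in which case it cannot contain either marker. If the intent is to screen the values of known arguments, iterate with foreach ( $_REQUEST as $key => $arg ) and test $key in the in_array() call.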
39
 
68
  // Check nonce or crypt
69
  if ( $nonce ) {
70
  if ( ! wp_verify_nonce( $nonce, 'wppa-ntfy-nonce' ) ) {
71
+ wppa_secfail( '80' );
 
72
  }
73
  $user_id = wppa_get_user( 'id' );
74
  }
76
  $user = get_user_by( 'ID', $user_id );
77
  if ( $user ) {
78
  if ( $crypt != crypt( $list_type . $user->ID . $user->login_name, $user->display_name ) ) {
79
+ wppa_secfail( '81' );
 
80
  }
81
  }
82
  }
83
  else {
84
+ wppa_secfail( '82' );
 
85
  }
86
 
87
  // Existing list type?
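Review bot: The token comparison on line 78, $crypt != crypt( $list_type . $user->ID . $user->login_name, $user->display_name ), is kept as is apart from the failure call, but it is derived only from the list type, user ID, login name and display name, with no server-side secret, and it is compared with a loose !=. Consider deriving the value with hash_hmac() keyed by wp_salt() and comparing with hash_equals(). Also confirm that login_name is a real property of the user object; WP_User exposes user_login.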
430
 
431
  case 'do-comment':
432
 
433
+ // Validate args
434
  $mocc = isset( $_REQUEST['moccur'] ) ? strval( intval( $_REQUEST['moccur'] ) ) : '0';
435
+ $nonce = isset( $_REQUEST['wppa-nonce'] ) ? $_REQUEST['wppa-nonce'] : '0';
436
+ $photoid = isset( $_REQUEST['photo-id'] ) ? wppa_decrypt_photo( $_REQUEST['photo-id'] ) : '0';
437
  $commentid = isset( $_REQUEST['comment-edit'] ) ? strval( intval( $_REQUEST['comment-edit'] ) ) : '0';
438
 
439
+ // Security check
440
+ if ( wppa_switch( 'direct_comment' ) && wppa_switch( 'use_encrypted_links' ) && wppa_switch( 'refuse_unencrypted' ) ) {
441
+ if ( ! $photoid || ( wppa_get_photo_item( $photoid, 'album' ) < '1' ) ) {
442
+ _e( 'Missing or invalid photo id' , 'wp-photo-album-plus');
443
+ wppa_exit();
444
+ }
445
+ wppa_log('dbg', 'Bypassed nonce');
446
  }
447
+ else {
448
+ if ( ! wp_verify_nonce( $nonce, 'wppa-nonce-'.$mocc ) ) {
449
+ wppa_secfail( '70' );
450
+ }
451
+ if ( ! $photoid || ( wppa_get_photo_item( $photoid, 'album' ) < '1' ) ) {
452
+ wppa_secfail( '71' );
453
+ }
454
+ }
455
+
456
+ // Check login
457
+ if ( wppa_switch( 'comment_login' ) && ! is_user_logged_in() ) {
458
+ wppa_secfail( '72' );
459
  }
460
 
461
  // If db agree required, see if it is present
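Review bot: In the new branch on lines 440 to 446 the nonce is skipped entirely (the code logs 'Bypassed nonce') and the only gate is that the decrypted photo id resolves to an album. A photo id, encrypted or not, is not bound to a user or a session, so this branch has no request-forgery protection; keep a nonce here, or add a comment stating why it cannot be used for direct comments and what replaces it. The test wppa_get_photo_item( $photoid, 'album' ) < '1' also compares against a string; cast with intval() and compare to the integer 1.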
541
  echo sprintf( __( 'Failed to update stutus of photo %d' , 'wp-photo-album-plus'), $pid )."\n".__( 'Please refresh the page', 'wp-photo-album-plus' );
542
  }
543
  else {
544
+ wppa_secfail( '21' );
545
  }
546
  }
547
  if ( $cid ) {
929
  break;
930
 
931
  case 'rate':
 
 
 
 
 
932
  // Get commandline args
933
+ $photo = wppa_decrypt_photo( $_REQUEST['wppa-rating-id'] );
934
  $photo = strval( intval( $photo ) );
935
  $rating = $_REQUEST['wppa-rating'];
936
  $occur = $_REQUEST['wppa-occur'];
944
  $wartxt = __( 'Althoug an error occurred while processing your rating, your vote has been registered.' , 'wp-photo-album-plus');
945
  $wartxt .= "\n".__( 'However, this may not be reflected in the current pageview' , 'wp-photo-album-plus');
946
 
947
+ // Security check
948
+ if ( wppa_switch( 'direct_comment' ) && wppa_switch( 'use_encrypted_links' ) && wppa_switch( 'refuse_unencrypted' ) ) {
949
+ if ( ! $photo || ( wppa_get_photo_item( $photo, 'album' ) < '1' ) ) {
950
+ echo '0||100||'.__( 'Missing or invalid photo id' , 'wp-photo-album-plus');
951
+ wppa_exit();
952
+ }
953
+ wppa_log('dbg', 'Bypassed nonce');
954
  }
955
+ else {
956
+ if ( ! wp_verify_nonce( $nonce, 'wppa-check' ) ) {
957
+ echo '0||100||'.$errtxt;
958
+ wppa_exit();
959
+ }
960
+ if ( ! $photo || ( wppa_get_photo_item( $photo, 'album' ) < '1' ) ) {
961
+ _e( 'Missing or invalid photo id' , 'wp-photo-album-plus');
962
+ wppa_exit();
963
+ }
964
+ }
965
+
966
+ // Check login
967
+ if ( wppa_switch( 'rating_login' ) && ! is_user_logged_in() ) {
968
+ wppa_secfail( '40' );
969
+ }
970
+
971
+ // Check on validity
972
  if ( wppa_opt( 'rating_max' ) == '1' && $rating != '1' ) {
973
  echo '0||106||'.$errtxt.':'.$rating;
974
  wppa_exit(); // Value out of range
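Review bot: The failure paths in the rate case no longer share one response format. The nonce failure and the first invalid-id check echo '0||100||' followed by a message, but the invalid-id check in the else branch (line 961) uses a bare _e(), and wppa_secfail( '40' ) on line 968 is called without the $prolog argument, so the caller receives plain text in both cases. Pass the prefix as the second argument to wppa_secfail() and use the same prefixed form for the invalid-id message. As in do-comment, the direct_comment branch runs with no nonce, and the second and third arguments to wppa_decrypt_photo() were dropped on line 933 without a comment explaining the change in behaviour.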
3692
  }
3693
  }
3694
 
3695
+ // Print security check failure message and exit
3696
+ function wppa_secfail( $id, $prolog = '' ) {
3697
+
3698
+ $text = sprintf( __( 'Security check failure %d', 'wp-photo-album-plus' ), $id );
3699
+ echo ( $prolog . ' ' . $text );
3700
+ wppa_exit();
3701
+ }
wppa-album-widget.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * display thumbnail albums
6
- * Version 6.9.21
7
  */
8
 
9
  if ( ! defined( 'ABSPATH' ) ) die( "Can't load this file directly" );
@@ -138,8 +138,8 @@ class AlbumWidget extends WP_Widget {
138
  '<div' .
139
  ' class="wppa-widget"' .
140
  ' style="' .
141
- 'width:' . $maxw . 'px;' .
142
- 'height:' . $maxh . 'px;' .
143
  'margin:4px;' .
144
  'display:inline;' .
145
  'text-align:center;' .
@@ -151,7 +151,14 @@ class AlbumWidget extends WP_Widget {
151
 
152
  if ( $link ) {
153
  if ( $link['is_url'] ) { // Is a href
154
- $widget_content .= "\n\t".'<a href="'.$link['url'].'" title="'.$title.'" target="'.$link['target'].'" >';
 
 
 
 
 
 
 
155
  if ( $imageid && wppa_is_video( $image['id'] ) ) {
156
  $widget_content .= wppa_get_video_html( array( 'id' => $image['id'],
157
  'width' => $width,
@@ -167,9 +174,20 @@ class AlbumWidget extends WP_Widget {
167
  );
168
  }
169
  else {
170
- $widget_content .= "\n\t\t".'<img id="i-'.$image['id'].'-'.wppa( 'mocc' ).'" title="'.$title.'" src="'.$imgurl.'" width="'.$width.'" height="'.$height.'" style="'.$imgstyle.' cursor:pointer;" '.$imgevents.' '.wppa_get_imgalt($image['id']).' >';
 
 
 
 
 
 
 
 
 
 
171
  }
172
- $widget_content .= "\n\t".'</a>';
 
173
  }
174
  elseif ( $link['is_lightbox'] ) {
175
  $thumbs = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->wppa_photos WHERE album = %s ".wppa_get_photo_order($album['id']), $album['id']), 'ARRAY_A');
@@ -187,14 +205,14 @@ class AlbumWidget extends WP_Widget {
187
  $is_video = wppa_is_video( $thumb['id'] );
188
  $has_audio = wppa_has_audio( $thumb['id'] );
189
 
190
- $widget_content .= "\n\t" .
191
- '<a href="'.$link.'"' .
192
  ( $is_video ? ' data-videohtml="' . esc_attr( wppa_get_video_body( $thumb['id'] ) ) . '"' .
193
- ' data-videonatwidth="'.wppa_get_videox( $thumb['id'] ).'"' .
194
- ' data-videonatheight="'.wppa_get_videoy( $thumb['id'] ).'"' : '' ) .
195
  ( $has_audio ? ' data-audiohtml="' . esc_attr( wppa_get_audio_body( $thumb['id'] ) ) . '"' : '' ) .
196
- ' ' . wppa( 'rel' ) . '="'.wppa_opt( 'lightbox_name' ).'[alw-'.wppa( 'mocc' ).'-'.$album['id'].']"' .
197
- ' ' . wppa( 'lbtitle' ) . '="'.$title.'"' .
198
  wppa_get_lb_panorama_full_html( $id ) .
199
  ' data-alt="' . esc_attr( wppa_get_imgalt( $thumb['id'], true ) ) . '"' .
200
  ' style="cursor:' . wppa_wait() . ';"' .
@@ -216,20 +234,21 @@ class AlbumWidget extends WP_Widget {
216
  );
217
  }
218
  else {
219
- $widget_content .= "\n\t\t" .
220
- '<img' .
221
- ' id="i-'.$image['id'].'-'.wppa( 'mocc' ).'"' .
222
- ' title="'.wppa_zoom_in( $image['id'] ).'"' .
223
- ' src="'.$imgurl.'"' .
224
- ' width="'.$width.'"' .
225
- ' height="'.$height.'"' .
226
- ' style="'.$imgstyle.'" ' .
227
- $imgevents . ' ' .
228
- wppa_get_imgalt( $image['id'] ) .
229
- ' >';
230
  }
231
  }
232
- $widget_content .= "\n\t".'</a>';
 
233
  }
234
  }
235
  else { // Is an onclick unit
@@ -248,18 +267,18 @@ class AlbumWidget extends WP_Widget {
248
  );
249
  }
250
  else {
251
- $widget_content .= "\n\t" .
252
- '<img' .
253
- ' id="i-'.$image['id'].'-'.wppa( 'mocc' ).'"' .
254
- ' title="'.$title.'"' .
255
- ' src="'.$imgurl.'"' .
256
- ' width="'.$width.'"' .
257
- ' height="'.$height.'"' .
258
- ' style="'.$imgstyle.' cursor:pointer;" ' .
259
- $imgevents .
260
- ' onclick="' . $link['url'] . '" ' .
261
- wppa_get_imgalt($image['id']) .
262
- ' >';
263
  }
264
  }
265
  }
@@ -279,25 +298,29 @@ class AlbumWidget extends WP_Widget {
279
  );
280
  }
281
  else {
282
- $widget_content .= "\n\t" .
283
- '<img' .
284
- ' id="i-'.$image['id'].'-'.wppa( 'mocc' ).'"' .
285
- ' title="'.$title.'"' .
286
- ' src="'.$imgurl.'"' .
287
- ' width="'.$width.'"' .
288
- ' height="'.$height.'"' .
289
- ' style="'.$imgstyle.'" ' .
290
- $imgevents . ' ' .
291
- ( $imageid ? wppa_get_imgalt( $image['id'] ) : '' ) .
292
- ' >';
293
  }
294
  }
295
 
296
  if ( wppa_checked( $instance['name'] ) ) {
297
- $widget_content .= "\n\t".'<span style="font-size:'.wppa_opt( 'fontsize_widget_thumb' ).'px; min-height:100%;">'.__(stripslashes($album['name']), 'wp-photo-album-plus').'</span>';
 
 
 
298
  }
299
 
300
- $widget_content .= "\n".'</div>';
 
301
 
302
  $count++;
303
  }
@@ -309,7 +332,8 @@ class AlbumWidget extends WP_Widget {
309
 
310
  $widget_content .= '<div style="clear:both"></div>';
311
 
312
- $widget_content .= "\n".'<!-- WPPA+ thumbnail Widget end -->';
 
313
 
314
  echo "\n" . $before_widget;
315
  if ( ! empty( $widget_title ) ) {
3
  * Package: wp-photo-album-plus
4
  *
5
  * display thumbnail albums
6
+ * Version 7.0.03
7
  */
8
 
9
  if ( ! defined( 'ABSPATH' ) ) die( "Can't load this file directly" );
138
  '<div' .
139
  ' class="wppa-widget"' .
140
  ' style="' .
141
+ 'width:' . strval( intval( $maxw ) ) . 'px;' .
142
+ 'height:' . strval( intval( $maxh ) ) . 'px;' .
143
  'margin:4px;' .
144
  'display:inline;' .
145
  'text-align:center;' .
151
 
152
  if ( $link ) {
153
  if ( $link['is_url'] ) { // Is a href
154
+ $widget_content .= '
155
+ <a
156
+ href="' . esc_url( $link['url'] ) . '"
157
+ title="' . esc_attr( $title ) . '"
158
+ target="' . esc_attr( $link['target'] ) . '"
159
+ >';
160
+
161
+ // Video?
162
  if ( $imageid && wppa_is_video( $image['id'] ) ) {
163
  $widget_content .= wppa_get_video_html( array( 'id' => $image['id'],
164
  'width' => $width,
174
  );
175
  }
176
  else {
177
+ $widget_content .= '
178
+ <img
179
+ id="i-' . strval( intval( $image['id'] ) ) . '-' . wppa( 'mocc' ) . '"
180
+ title="' . esc_attr( $title ) . '"
181
+ src="' . esc_url( $imgurl ) . '"
182
+ width="' . esc_attr( $width ) . '"
183
+ height="' . esc_attr( $height ) . '"
184
+ style="' . esc_attr( $imgstyle . ' cursor:pointer;' ) . '" ' .
185
+ $imgevents . ' ' .
186
+ wppa_get_imgalt( $image['id'] ) . '
187
+ />';
188
  }
189
+ $widget_content .= '
190
+ </a>';
191
  }
192
  elseif ( $link['is_lightbox'] ) {
193
  $thumbs = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->wppa_photos WHERE album = %s ".wppa_get_photo_order($album['id']), $album['id']), 'ARRAY_A');
205
  $is_video = wppa_is_video( $thumb['id'] );
206
  $has_audio = wppa_has_audio( $thumb['id'] );
207
 
208
+ $widget_content .= '
209
+ <a href="' . esc_url( $link ) . '"' .
210
  ( $is_video ? ' data-videohtml="' . esc_attr( wppa_get_video_body( $thumb['id'] ) ) . '"' .
211
+ ' data-videonatwidth="' . esc_attr( wppa_get_videox( $thumb['id'] ) ) . '"' .
212
+ ' data-videonatheight="' . esc_attr( wppa_get_videoy( $thumb['id'] ) ) . '"' : '' ) .
213
  ( $has_audio ? ' data-audiohtml="' . esc_attr( wppa_get_audio_body( $thumb['id'] ) ) . '"' : '' ) .
214
+ ' ' . wppa( 'rel' ) . '="' . esc_attr( wppa_opt( 'lightbox_name' ) . '[alw-' . wppa( 'mocc' ) . '-' . $album['id'] . '] ' ) . '"' .
215
+ ' ' . wppa( 'lbtitle' ) . '="' . esc_attr( $title ) . '"' .
216
  wppa_get_lb_panorama_full_html( $id ) .
217
  ' data-alt="' . esc_attr( wppa_get_imgalt( $thumb['id'], true ) ) . '"' .
218
  ' style="cursor:' . wppa_wait() . ';"' .
234
  );
235
  }
236
  else {
237
+ $widget_content .= '
238
+ <img
239
+ id="i-' . strval( intval( $image['id'] ) ) . '-' . wppa( 'mocc' ) . '"
240
+ title="' . esc_attr( wppa_zoom_in( $image['id'] ) ) . '"
241
+ src="' . esc_url( $imgurl ) . '"
242
+ width="' . esc_attr( $width ) . '"
243
+ height="' . esc_attr( $height ) . '"
244
+ style="' . esc_attr( $imgstyle ) . '" ' .
245
+ $imgevents . ' ' .
246
+ wppa_get_imgalt( $image['id'] ) . '
247
+ />';
248
  }
249
  }
250
+ $widget_content .= '
251
+ </a>';
252
  }
253
  }
254
  else { // Is an onclick unit
267
  );
268
  }
269
  else {
270
+ $widget_content .= '
271
+ <img
272
+ id="i-' . strval( intval( $image['id'] ) ) . '-' . wppa( 'mocc' ) . '"
273
+ title="' . esc_attr( $title ) . '"
274
+ src="' . esc_url( $imgurl ) . '"
275
+ width="' . strval( intval( $width ) ) . '"
276
+ height="' . strval( intval( $height ) ) . '"
277
+ style="' . esc_attr( $imgstyle . ' cursor:pointer;' ) . '" ' .
278
+ $imgevents . ' ' . '
279
+ onclick="' . esc_url( $link['url'] ) . '" ' .
280
+ wppa_get_imgalt( $image['id'] ) . '
281
+ />';
282
  }
283
  }
284
  }
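Review bot: In the onclick branch the handler is now written as onclick="' . esc_url( $link['url'] ) . '" (line 279), but here $link['url'] is the content of an event handler, not a URL; the removed line emitted it directly into onclick. esc_url() rewrites or empties values that are not URLs with an allowed scheme, so the click action is likely to break. Escape it for its actual context with esc_attr(). Note that $imgevents is still concatenated unescaped into the same tag.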
298
  );
299
  }
300
  else {
301
+ $widget_content .= '
302
+ <img
303
+ id="i-' . strval( intval( $image['id'] ) ) . '-' . wppa( 'mocc' ) . '"
304
+ title="' . esc_attr( $title ) . '"
305
+ src="' . esc_url( $imgurl ) . '"
306
+ width="' . strval( intval( $width ) ) . '"
307
+ height="' . strval( intval( $height ) ) . '"
308
+ style="' . esc_attr( $imgstyle ) . '" ' .
309
+ $imgevents . ' ' .
310
+ ( $imageid ? wppa_get_imgalt( $image['id'] ) : '' ) . '
311
+ />';
312
  }
313
  }
314
 
315
  if ( wppa_checked( $instance['name'] ) ) {
316
+ $widget_content .= '
317
+ <span style="font-size:' . strval( intval( wppa_opt( 'fontsize_widget_thumb' ) ) ) . 'px; min-height:100%;" >' .
318
+ htmlentities( __( stripslashes( $album['name'] ) ) ) . '
319
+ </span>';
320
  }
321
 
322
+ $widget_content .= '
323
+ </div>';
324
 
325
  $count++;
326
  }
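Review bot: The album name on line 318 is now output as htmlentities( __( stripslashes( $album['name'] ) ) ), which drops the 'wp-photo-album-plus' text domain that the removed line passed to __(), so the lookup falls back to the default domain. Restore the second argument, and prefer esc_html() over htmlentities() to match the esc_attr() and esc_url() calls added elsewhere in this file.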
332
 
333
  $widget_content .= '<div style="clear:both"></div>';
334
 
335
+ $widget_content .= '
336
+ <!-- WPPA+ thumbnail Widget end -->';
337
 
338
  echo "\n" . $before_widget;
339
  if ( ! empty( $widget_title ) ) {
wppa-boxes-html.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various wppa boxes
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -2675,7 +2675,7 @@ static $albums_granted;
2675
  if ( $may_audio ) {
2676
  $accept .= ',.' . implode( ',.', $wppa_supported_audio_extensions );
2677
  }
2678
- if ( wppa_can_pdf() ) {
2679
  $accept .= ',.pdf';
2680
  }
2681
 
@@ -3790,7 +3790,7 @@ global $wpdb;
3790
  }
3791
 
3792
  $result .=
3793
- '<input type="button" name="commentbtn" onclick="wppaAjaxComment( '.wppa( 'mocc' ).', '.$id.' )" value="'.$btn.'" style="margin:0 4px 0 0;" />' .
3794
  '<img id="wppa-comment-spin-'.wppa( 'mocc' ).'" src="'.wppa_get_imgdir().'spinner.gif" style="display:none;" />' .
3795
  '</td>' .
3796
  '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:70%;background-color:transparent;'.wppa_wcs( 'wppa-box-text' ).wppa_wcs( 'wppa-td' ).'" >';
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various wppa boxes
6
+ * Version 7.0.03
7
  *
8
  */
9
 
2675
  if ( $may_audio ) {
2676
  $accept .= ',.' . implode( ',.', $wppa_supported_audio_extensions );
2677
  }
2678
+ if ( wppa_switch( 'enable_pdf' ) ) {
2679
  $accept .= ',.pdf';
2680
  }
2681
 
3790
  }
3791
 
3792
  $result .=
3793
+ '<input type="button" name="commentbtn" onclick="wppaAjaxComment( '.wppa( 'mocc' ).', /'.wppa_encrypt_photo($id).'/ )" value="'.$btn.'" style="margin:0 4px 0 0;" />' .
3794
  '<img id="wppa-comment-spin-'.wppa( 'mocc' ).'" src="'.wppa_get_imgdir().'spinner.gif" style="display:none;" />' .
3795
  '</td>' .
3796
  '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:70%;background-color:transparent;'.wppa_wcs( 'wppa-box-text' ).wppa_wcs( 'wppa-td' ).'" >';
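Review bot: at new line 3793 the encrypted id is emitted between two slashes, so wppaAjaxComment() receives a JavaScript regular-expression literal rather than a string. That only works while the crypt value contains no slash or regex metacharacter and while the client code coerces the argument back to text, and it is why the decrypt side now has to trim slashes. Pass it as a quoted string instead, escaped for both contexts, for example esc_attr( esc_js( wppa_encrypt_photo( $id ) ) ) inside single quotes, and drop the slash handling in wppa_decrypt_photo().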
wppa-common-functions.php CHANGED
@@ -2,7 +2,7 @@
2
  /* wppa-common-functions.php
3
  *
4
  * Functions used in admin and in themes
5
- * Version 7.0.02
6
  *
7
  */
8
 
@@ -1055,7 +1055,7 @@ function wppa_clear_cache( $force = false ) {
1055
  global $cache_path;
1056
 
1057
  // Schedule a cron job. This is the normal operation
1058
- if ( ! $force ) {
1059
  wppa_schedule_clear_cache();
1060
  return;
1061
  }
@@ -1127,6 +1127,7 @@ global $wppa;
1127
 
1128
  if ( $escape ) {
1129
  $msg = json_encode( $msg );
 
1130
  }
1131
  else {
1132
  $msg = htmlentities( strip_tags( $msg ) );
@@ -1923,10 +1924,13 @@ global $wpdb;
1923
 
1924
  function wppa_delete_obsolete_tempfiles( $force = false ) {
1925
 
 
 
1926
  // To prevent filling up diskspace, divide lifetime by 2 and repeat removing obsolete files until count <= 10
1927
- $filecount = 101;
1928
  $lifetime = 3600;
1929
- $max = $force ? 1 : 100;
 
1930
 
1931
  while ( $filecount > $max ) {
1932
 
@@ -1944,6 +1948,10 @@ function wppa_delete_obsolete_tempfiles( $force = false ) {
1944
  $modified = filemtime( $file );
1945
  if ( $modified < $expired || $force ) {
1946
  @ unlink( $file );
 
 
 
 
1947
  }
1948
  else {
1949
  $filecount++;
@@ -1953,6 +1961,9 @@ function wppa_delete_obsolete_tempfiles( $force = false ) {
1953
  }
1954
  $lifetime /= 2;
1955
  }
 
 
 
1956
  }
1957
 
1958
  function wppa_publish_scheduled() {
2
  /* wppa-common-functions.php
3
  *
4
  * Functions used in admin and in themes
5
+ * Version 7.0.03
6
  *
7
  */
8
 
1055
  global $cache_path;
1056
 
1057
  // Schedule a cron job. This is the normal operation
1058
+ if ( ! $force && ! wppa_is_cron() ) {
1059
  wppa_schedule_clear_cache();
1060
  return;
1061
  }
1127
 
1128
  if ( $escape ) {
1129
  $msg = json_encode( $msg );
1130
+ $msg = trim( $msg, '"' );
1131
  }
1132
  else {
1133
  $msg = htmlentities( strip_tags( $msg ) );
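Review bot: trim( $msg, '"' ) at new line 1130 removes every leading and trailing double quote, not just the pair json_encode() adds. A message that ends in a quote is encoded as ...\"" and loses both trailing quotes, leaving a dangling backslash that will escape whatever character follows it in the script. Use substr( $msg, 1, -1 ) to remove exactly the outer pair, and add a one-line comment saying why the quotes are stripped.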
1924
 
1925
  function wppa_delete_obsolete_tempfiles( $force = false ) {
1926
 
1927
+ wppa_log( 'dbg', 'wppa_delete_obsolete_tempfiles()', true );
1928
+
1929
  // To prevent filling up diskspace, divide lifetime by 2 and repeat removing obsolete files until count <= 10
1930
+ $filecount = 51;
1931
  $lifetime = 3600;
1932
+ $max = $force ? 1 : 50;
1933
+ $delcount = 0;
1934
 
1935
  while ( $filecount > $max ) {
1936
 
1948
  $modified = filemtime( $file );
1949
  if ( $modified < $expired || $force ) {
1950
  @ unlink( $file );
1951
+ if ( ! is_file( $file ) ) {
1952
+ wppa_log( 'fso', 'Deleted tempfile ' . str_replace( WPPA_ABSPATH, '', $file ) );
1953
+ $delcount++;
1954
+ }
1955
  }
1956
  else {
1957
  $filecount++;
1961
  }
1962
  $lifetime /= 2;
1963
  }
1964
+ if ( wppa_is_cron() ) {
1965
+ wppa_log( 'cron', 'Deleted ' . $delcount . ' tempfiles' );
1966
+ }
1967
  }
1968
 
1969
  function wppa_publish_scheduled() {
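Review bot: the comment at new line 1929 still says the loop repeats "until count <= 10", but the threshold was 100 and is now 50 (lines 1930-1932); update the comment so it matches $max. The wppa_log( 'dbg', ... , true ) call at 1927 runs on every invocation, which looks like leftover debugging; gate it on the debug setting or remove it. The new is_file() test after unlink() at 1951 is a good way to count only real deletions, but the result of unlink() is still suppressed with @, so a permission failure is silent; consider logging the failure case as well.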
wppa-cron.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all cron functions
6
- * Version 7.0.01
7
  *
8
  *
9
  */
@@ -331,6 +331,9 @@ global $wpdb;
331
  }
332
  }
333
 
 
 
 
334
  // Done?
335
  if ( ! empty( $photos ) ) {
336
  wppa_schedule_cleanup( 'now' );
@@ -399,6 +402,7 @@ function wppa_do_clear_cache() {
399
  }
400
  }
401
  function _wppa_do_clear_cache( $dir ) {
 
402
 
403
  $needle = 'data-wppa="yes"';
404
  $fsos = glob( $dir . '/*' );
@@ -431,7 +435,10 @@ function _wppa_do_clear_cache( $dir ) {
431
  }
432
 
433
  // Also delete tempfiles
434
- wppa_delete_obsolete_tempfiles();
 
 
 
435
  }
436
 
437
  // Activate treecount update proc
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all cron functions
6
+ * Version 7.0.03
7
  *
8
  *
9
  */
331
  }
332
  }
333
 
334
+ // Cleanup tempfiles
335
+ wppa_delete_obsolete_tempfiles();
336
+
337
  // Done?
338
  if ( ! empty( $photos ) ) {
339
  wppa_schedule_cleanup( 'now' );
402
  }
403
  }
404
  function _wppa_do_clear_cache( $dir ) {
405
+ static $did_tempfiles;
406
 
407
  $needle = 'data-wppa="yes"';
408
  $fsos = glob( $dir . '/*' );
435
  }
436
 
437
  // Also delete tempfiles
438
+ if ( ! $did_tempfiles ) {
439
+ wppa_delete_obsolete_tempfiles();
440
+ $did_tempfiles = true;
441
+ }
442
  }
443
 
444
  // Activate treecount update proc
wppa-encrypt.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all ecryption/decryption logic
6
- * Version 6.9.21
7
  *
8
  */
9
 
@@ -162,17 +162,24 @@ global $wpdb;
162
  // Already decrypted?
163
  if ( strlen( $photo ) < 12 ) {
164
  if ( wppa_switch( 'refuse_unencrypted' ) && ! $no_refuse ) {
165
- wppa_dbg_msg( __( 'Invalid photo identifier:', 'wp-photo-album-plus' ) . ' ' . $photo, 'red', 'force' );
 
166
  return false;
167
  }
168
  return intval( $photo );
169
  }
170
 
 
 
 
 
 
171
  // Just do it
172
  $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_photos WHERE crypt = %s", substr( $photo, 0, 12 ) ) );
173
  if ( ! $id ) {
174
  if ( $report_error ) {
175
- wppa_dbg_msg( 'Invalid photo identifier: ' . $photo, 'red', 'force' );
 
176
  }
177
  }
178
 
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all ecryption/decryption logic
6
+ * Version 7.0.03
7
  *
8
  */
9
 
162
  // Already decrypted?
163
  if ( strlen( $photo ) < 12 ) {
164
  if ( wppa_switch( 'refuse_unencrypted' ) && ! $no_refuse ) {
165
+ wppa_dbg_msg( 'Invalid photo identifier (1): ' . $photo, 'red', 'force' );
166
+ wppa_log( 'dbg', 'Invalid photo identifier (1): ' . $photo, true );
167
  return false;
168
  }
169
  return intval( $photo );
170
  }
171
 
172
+ // Wrapped in / by js?
173
+ if ( strlen( $photo ) > 12 ) {
174
+ $photo = trim( $photo, '/' );
175
+ }
176
+
177
  // Just do it
178
  $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_photos WHERE crypt = %s", substr( $photo, 0, 12 ) ) );
179
  if ( ! $id ) {
180
  if ( $report_error ) {
181
+ wppa_dbg_msg( 'Invalid photo identifier (2): ' . $photo, 'red', 'force' );
182
+ wppa_log( 'dbg', 'Invalid photo identifier (2): ' . $photo, true );
183
  }
184
  }
185
 
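Review bot: at new lines 165-166 and 181-182 the rejected value of $photo is concatenated as-is into the on-screen debug message and into the log, and after the wppa-functions.php change in this same commit that value comes straight from $_REQUEST. Unless wppa_dbg_msg() and wppa_log() escape their argument, escape it for display (esc_html()) and strip line breaks before logging so a crafted identifier cannot inject markup or forge log lines. The new messages also drop the __() call and text domain that the old line 165 had. At 173-175 the slash trim only runs for values longer than 12 characters; a comment stating the expected wrapped length would make that condition easier to verify.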
wppa-filter.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * get the albums via shortcode handler
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -40,7 +40,24 @@ function wppa_shordcode_div( $xatts, $content = '' ) {
40
  'class' => '',
41
  ), $xatts );
42
 
43
- $result = '<div style="' . esc_attr( $atts['style'] ) . '" class="' . esc_attr( $atts['class'] ) . '" >' .
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
44
  do_shortcode( $content ) .
45
  '</div>';
46
 
3
  * Package: wp-photo-album-plus
4
  *
5
  * get the albums via shortcode handler
6
+ * Version 7.0.03
7
  *
8
  */
9
 
40
  'class' => '',
41
  ), $xatts );
42
 
43
+ $style = $atts['style'];
44
+
45
+ $allowed_chars = array( 'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9',':',';','-','%' );
46
+
47
+ $n = strlen( $style );
48
+ $i = 0;
49
+ while ( $i < $n ) {
50
+ $c = substr( $style, $i, 1 );
51
+ if ( ! in_array( $c, $allowed_chars ) ) {
52
+ $result = 'Illegal character "'.$c.'" found in [wppa_div] shortcode style attribute' .
53
+ '<br />' .
54
+ 'Allowed chars: ' . implode( '', $allowed_chars );
55
+ return $result;
56
+ }
57
+ $i++;
58
+ }
59
+
60
+ $result = '<div style="' . esc_attr( $style ) . '" class="' . esc_attr( $atts['class'] ) . '" >' .
61
  do_shortcode( $content ) .
62
  '</div>';
63
 
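Review bot: the error string built at new lines 52-54 puts the rejected character $c into the returned HTML without escaping, and the character is by definition one that failed the allowlist (it can be < or a quote); wrap it in esc_html(). substr() works on bytes, so a multibyte character is reported as a single invalid byte. The allowlist at line 45 also excludes space, uppercase letters, '.', '#', ',' and parentheses, so ordinary values such as "margin:0 auto" or "color:#fff" are rejected; decide whether that is intended and document it. The character loop can be replaced by one preg_match() against a character class, which is easier to audit than a 40-element array with a non-strict in_array().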
wppa-functions.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various functions
6
- * Version 7.0.01
7
  *
8
  */
9
 
@@ -2387,10 +2387,14 @@ global $wppa_done;
2387
  $wppa_done = true;
2388
 
2389
  $time = time();
2390
- $photo = isset( $_REQUEST['photo'] ) ? strval( intval( $_REQUEST['photo'] ) ) : '0'; //wppa_get_get( 'photo' );
2391
- if ( ! $photo ) $photo = isset( $_REQUEST['photo-id'] ) ? strval( intval( $_REQUEST['photo-id'] ) ) : '0'; //wppa_get_get( 'photo' );
 
 
2392
  if ( ! $photo ) die( 'Photo id missing while processing a comment' );
2393
- $user = sanitize_user( wppa_get_post( 'comname' ) );
 
 
2394
  if ( ! $user ) die( 'Illegal attempt to enter a comment 1' );
2395
  $email = sanitize_email( wppa_get_post( 'comemail' ) );
2396
 
@@ -2400,7 +2404,7 @@ global $wppa_done;
2400
  }
2401
 
2402
  // Retrieve and filter comment
2403
- $comment = wppa_get_post( 'comment' );
2404
  $comment = trim( $comment );
2405
  $comment = wppa_decode( $comment );
2406
  $comment = strip_tags( $comment );
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various functions
6
+ * Version 7.0.03
7
  *
8
  */
9
 
2387
  $wppa_done = true;
2388
 
2389
  $time = time();
2390
+
2391
+ $photo = isset( $_REQUEST['photo'] ) ? $_REQUEST['photo'] : '0';
2392
+ if ( ! $photo ) $photo = isset( $_REQUEST['photo-id'] ) ? $_REQUEST['photo-id'] : '0';
2393
+ $photo = wppa_decrypt_photo( $photo );
2394
  if ( ! $photo ) die( 'Photo id missing while processing a comment' );
2395
+
2396
+ $user = isset( $_REQUEST['comname'] ) ? $_REQUEST['comname'] : 'Anonymus';
2397
+ $user = sanitize_user( $user );
2398
  if ( ! $user ) die( 'Illegal attempt to enter a comment 1' );
2399
  $email = sanitize_email( wppa_get_post( 'comemail' ) );
2400
 
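Review bot: defaulting comname to 'Anonymus' at new line 2396 means the "if ( ! $user ) die(...)" guard at 2398 no longer fires when the field is missing, so a request with no name is now accepted where it used to be refused. If anonymous comments are intended, make that an explicit, setting-controlled branch and fix the spelling of the default. Lines 2391-2392 and 2396 also switch from wppa_get_post() and intval() to raw $_REQUEST values, which widens the input to GET parameters and skips wp_unslash(); $photo now relies entirely on wppa_decrypt_photo() for validation, so that dependency deserves a comment here.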
2404
  }
2405
 
2406
  // Retrieve and filter comment
2407
+ $comment = isset( $_REQUEST['comment'] ) ? $_REQUEST['comment'] : '';
2408
  $comment = trim( $comment );
2409
  $comment = wppa_decode( $comment );
2410
  $comment = strip_tags( $comment );
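Review bot: reading the comment body from $_REQUEST at new line 2407 instead of wppa_get_post() lets it arrive as a query-string parameter, and nothing in the visible lines ties that to the new wppa_direct_comment setting or to a nonce check. If the wider input source is only needed for direct commenting, branch on wppa_switch( 'direct_comment' ) and keep the POST-only path otherwise. The value should also pass through wp_unslash() before trim() and strip_tags().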
wppa-import.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all the import pages and functions
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -1766,7 +1766,7 @@ global $wppa_supported_audio_extensions;
1766
  //$id = wppa_get_album_id( $name );
1767
  wppa_set_last_album( $id );
1768
  wppa_index_add( 'album', $id );
1769
- wppa_ok_message( __( 'Album #', 'wp-photo-album-plus') . ' ' . $id . ': '.stripslashes( $name ).' ' . __( 'Added.', 'wp-photo-album-plus') );
1770
  if ( $dela ) wppa_unlink( $album );
1771
  $acount++;
1772
  wppa_clear_cache();
@@ -2929,7 +2929,7 @@ global $wppa_session;
2929
  wppa_invalidate_treecounts( $alb );
2930
  wppa_index_add( 'album', $alb );
2931
  wppa_create_pl_htaccess();
2932
- wppa_ok_message( __( 'Album #', 'wp-photo-album-plus') . ' ' . $alb . ' ( '.$name.' ) ' . __( 'Added.', 'wp-photo-album-plus') );
2933
  if ( wppa_switch( 'newpag_create' ) && $parent <= '0' ) {
2934
 
2935
  // Create post object
@@ -3068,9 +3068,9 @@ static $void_dirs;
3068
  $sel = $root == $source ? ' selected="selected"' : '';
3069
 
3070
  // Set disabled if there are no files inside
3071
- $files = wppa_glob( $root . '/*' );
3072
  $n_files = ! empty( $files ) ? count( $files ) : 0;
3073
- $dirs = wppa_glob( $root . '/*', GLOB_ONLYDIR );
3074
  $n_dirs = ! empty( $dirs ) ? count( $dirs ) : 0;
3075
  $dis = $n_files == $n_dirs ? ' disabled="disabled"' : '';
3076
 
@@ -3110,7 +3110,7 @@ static $void_dirs;
3110
  }
3111
 
3112
  // See if subdirs exist
3113
- $dirs = wppa_glob( $root . '/*', GLOB_ONLYDIR );
3114
 
3115
  // Go deeper if not in a list of void disnames
3116
  if ( $dirs ) foreach( $dirs as $path ) {
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all the import pages and functions
6
+ * Version 7.0.03
7
  *
8
  */
9
 
1766
  //$id = wppa_get_album_id( $name );
1767
  wppa_set_last_album( $id );
1768
  wppa_index_add( 'album', $id );
1769
+ wppa_ok_message( sprintf( __( 'Album #%d: %s added', 'wp-photo-album-plus' ), $id, htmlentities( stripslashes( $name ) ) ) );
1770
  if ( $dela ) wppa_unlink( $album );
1771
  $acount++;
1772
  wppa_clear_cache();
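Review bot: escaping the album name at new line 1769 is the right fix, but htmlentities() is called with default arguments, so the result depends on the PHP version's default charset and flags; esc_html() is the WordPress equivalent and is charset-aware. The same expression is repeated at line 2932, so a small helper would keep the two messages from drifting apart. A translators comment explaining the %d and %s placeholders would help as well.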
2929
  wppa_invalidate_treecounts( $alb );
2930
  wppa_index_add( 'album', $alb );
2931
  wppa_create_pl_htaccess();
2932
+ wppa_ok_message( sprintf( __( 'Album #%d: %s added', 'wp-photo-album-plus' ), $alb, htmlentities( stripslashes( $name ) ) ) );
2933
  if ( wppa_switch( 'newpag_create' ) && $parent <= '0' ) {
2934
 
2935
  // Create post object
3068
  $sel = $root == $source ? ' selected="selected"' : '';
3069
 
3070
  // Set disabled if there are no files inside
3071
+ $files = wppa_glob( $root . '/*', null, true );
3072
  $n_files = ! empty( $files ) ? count( $files ) : 0;
3073
+ $dirs = wppa_glob( $root . '/*', GLOB_ONLYDIR, true );
3074
  $n_dirs = ! empty( $dirs ) ? count( $dirs ) : 0;
3075
  $dis = $n_files == $n_dirs ? ' disabled="disabled"' : '';
3076
 
3110
  }
3111
 
3112
  // See if subdirs exist
3113
+ $dirs = wppa_glob( $root . '/*', GLOB_ONLYDIR, true );
3114
 
3115
  // Go deeper if not in a list of void disnames
3116
  if ( $dirs ) foreach( $dirs as $path ) {
wppa-mailing.php CHANGED
@@ -4,7 +4,7 @@
4
  *
5
  * Contains mailing functions
6
  *
7
- * Version 7.0.00
8
  *
9
  */
10
 
@@ -377,7 +377,7 @@ global $wpdb;
377
  }
378
 
379
  // Get the users who commented on the photo
380
- $users = $wpdb->get_col( $wpdb->prepare( "SELECT UNIQUE user FROM {$wpdb->wppa_comments} WHERE photo = %d", $pho ) );
381
 
382
  // If the current author is in the list: remove him, he is most likely already notified
383
  if ( isset( $usres[$comment['user']] ) ) {
4
  *
5
  * Contains mailing functions
6
  *
7
+ * Version 7.0.03
8
  *
9
  */
10
 
377
  }
378
 
379
  // Get the users who commented on the photo
380
+ $users = $wpdb->get_col( $wpdb->prepare( "SELECT DISTINCT user FROM {$wpdb->wppa_comments} WHERE photo = %d", $pho ) );
381
 
382
  // If the current author is in the list: remove him, he is most likely already notified
383
  if ( isset( $usres[$comment['user']] ) ) {
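Review bot: the context line at 383 tests $usres, not $users, so the branch that removes the current author from the list can never run; this typo is untouched by the change and should be fixed in the same commit. Note also that get_col() returns a numerically indexed list of user names, so even with the name corrected, isset( $users[$comment['user']] ) looks up a key that does not exist; use array_search() or array_diff() on the values instead.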
wppa-maintenance.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains (not yet, but in the future maybe) all the maintenance routines
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -1292,19 +1292,19 @@ global $wppa_log_file;
1292
  $thumb = wppa_cache_thumb( $rating['photo'] );
1293
  $result .= '
1294
  <tr>
1295
- <td>'.$rating['id'].'</td>
1296
- <td>'.$rating['timestamp'].'</td>
1297
- <td>'.( $rating['timestamp'] ? wppa_local_date(get_option('date_format', "F j, Y,").' '.get_option('time_format', "g:i a"), $rating['timestamp']) : 'pre-historic' ).'</td>
1298
- <td>'.$rating['status'].'</td>
1299
- <td>'.$rating['user'].'</td>
1300
- <td>'.$rating['value'].'</td>
1301
- <td>'.$rating['photo'].'</td>
1302
- <td style="width:250px; text-align:center;"><img src="'.wppa_get_thumb_url($rating['photo']).'"
1303
  style="height: 40px;"
1304
  onmouseover="jQuery(this).stop().animate({height:this.naturalHeight}, 200);"
1305
  onmouseout="jQuery(this).stop().animate({height:\'40px\'}, 200);" /></td>
1306
- <td>'.$thumb['rating_count'].'</td>
1307
- <td>'.$thumb['mean_rating'].'</td>
1308
  </tr>';
1309
  }
1310
 
@@ -1313,7 +1313,7 @@ global $wppa_log_file;
1313
  </table>';
1314
  }
1315
  else {
1316
- $result .= __('There are no ratings', 'wp-photo-album-plus');
1317
  }
1318
  $result .= '
1319
  </div><div style="clear:both;"></div>';
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains (not yet, but in the future maybe) all the maintenance routines
6
+ * Version 7.0.03
7
  *
8
  */
9
 
1292
  $thumb = wppa_cache_thumb( $rating['photo'] );
1293
  $result .= '
1294
  <tr>
1295
+ <td>' . htmlentities( $rating['id'] ) . '</td>
1296
+ <td>' . htmlentities( $rating['timestamp'] ) . '</td>
1297
+ <td>' . htmlentities( ( $rating['timestamp'] ? wppa_local_date( '', $rating['timestamp'] ) : 'pre-historic' ) ) . '</td>
1298
+ <td>' . htmlentities( $rating['status'] ) . '</td>
1299
+ <td>' . htmlentities( $rating['user'] ) . '</td>
1300
+ <td>' . htmlentities( $rating['value'] ) . '</td>
1301
+ <td>' . htmlentities( $rating['photo'] ) . '</td>
1302
+ <td style="width:250px; text-align:center;"><img src="' . esc_url( wppa_get_thumb_url( $rating['photo'] ) ) . '"
1303
  style="height: 40px;"
1304
  onmouseover="jQuery(this).stop().animate({height:this.naturalHeight}, 200);"
1305
  onmouseout="jQuery(this).stop().animate({height:\'40px\'}, 200);" /></td>
1306
+ <td>' . htmlentities( $thumb['rating_count'] ) . '</td>
1307
+ <td>' . htmlentities( $thumb['mean_rating'] ) . '</td>
1308
  </tr>';
1309
  }
1310
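Review bot: besides adding escaping, new line 1297 changes the first argument of wppa_local_date() from the site's date_format and time_format options to an empty string. If the function does not fall back to the site format for an empty argument, the column will render differently or empty; confirm the fallback or keep the explicit format. For the cells at 1295-1307, esc_html() would be more consistent with the esc_url() already used at 1302 than htmlentities() with default arguments.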
 
1313
  </table>';
1314
  }
1315
  else {
1316
+ $result .= __( 'There are no ratings', 'wp-photo-album-plus' );
1317
  }
1318
  $result .= '
1319
  </div><div style="clear:both;"></div>';
wppa-photo-admin-autosave.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * edit and delete photos
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -526,6 +526,7 @@ function wppaToggleExif( id, count ) {
526
  $panorama = $photo['panorama'];
527
  $magickstack = $photo['magickstack'];
528
  $scheduledel = $photo['scheduledel'];
 
529
 
530
  // See if item is a multimedia item
531
  $is_multi = wppa_is_multi( $id );
@@ -945,10 +946,24 @@ function wppaToggleExif( id, count ) {
945
  echo
946
  __( 'Available files:', 'wp-photo-album-plus' ) . ' ';
947
 
 
 
 
 
 
 
 
 
948
  // Source
949
  echo
950
  __( 'Source file:', 'wp-photo-album-plus' ) . ' ';
951
  $sp = wppa_get_source_path( $id );
 
 
 
 
 
 
952
  if ( is_file( $sp ) ) {
953
  $ima = getimagesize( $sp );
954
  echo
@@ -1139,8 +1154,8 @@ function wppaToggleExif( id, count ) {
1139
  }
1140
 
1141
  // Panorama
1142
- if ( wppa_switch( 'enable_panorama' ) ) {
1143
- $can_panorama = $photox / $photoy >= 1.999;
1144
  echo
1145
  __( 'Panorama' ) . ': ' .
1146
  ( $can_panorama ?
@@ -2341,10 +2356,10 @@ function wppa_album_photos_bulk( $album ) {
2341
  $message = sprintf( __( '%d photos deleted.' , 'wp-photo-album-plus'), $count );
2342
  break;
2343
  case 'wppa-bulk-move-to':
2344
- $message = sprintf( __( '%1$s photos moved to album %2$s.' , 'wp-photo-album-plus'), $count, $newalb.': '.wppa_get_album_name( $newalb ) );
2345
  break;
2346
  case 'wppa-bulk-copy-to':
2347
- $message = sprintf( __( '%1$s photos copied to album %2$s.' , 'wp-photo-album-plus'), $count, $newalb.': '.wppa_get_album_name( $newalb ) );
2348
  break;
2349
  case 'wppa-bulk-status':
2350
  $message = sprintf( __( 'Changed status to %1$s on %2$s photos.' , 'wp-photo-album-plus'), $status, $count );
@@ -2356,7 +2371,7 @@ function wppa_album_photos_bulk( $album ) {
2356
  $message = sprintf( __( '%d photos processed.' , 'wp-photo-album-plus'), $count );
2357
  break;
2358
  }
2359
- wppa_ok_message( $message );
2360
  }
2361
  }
2362
 
3
  * Package: wp-photo-album-plus
4
  *
5
  * edit and delete photos
6
+ * Version 7.0.03
7
  *
8
  */
9
 
526
  $panorama = $photo['panorama'];
527
  $magickstack = $photo['magickstack'];
528
  $scheduledel = $photo['scheduledel'];
529
+ $ext = $photo['ext'];
530
 
531
  // See if item is a multimedia item
532
  $is_multi = wppa_is_multi( $id );
946
  echo
947
  __( 'Available files:', 'wp-photo-album-plus' ) . ' ';
948
 
949
+ // Pdf
950
+ if ( wppa_is_pdf( $id ) ) {
951
+ $sp = wppa_get_source_path( $id );
952
+ $fs = wppa_get_filesize( $sp );
953
+ echo
954
+ __( 'Document file:', 'wp-photo-album-plus' ) . ' ' . $fs . ' ';
955
+ }
956
+
957
  // Source
958
  echo
959
  __( 'Source file:', 'wp-photo-album-plus' ) . ' ';
960
  $sp = wppa_get_source_path( $id );
961
+ if ( wppa_is_pdf( $id ) ) {
962
+ $sp = wppa_strip_ext( $sp ) . '.jpg';
963
+ if ( ! is_file( $sp ) ) {
964
+ $sp = wppa_strip_ext( $sp ) . '.png';
965
+ }
966
+ }
967
  if ( is_file( $sp ) ) {
968
  $ima = getimagesize( $sp );
969
  echo
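Review bot: new lines 961-966 hard-code the preview image extension as '.jpg' with a fallback to '.png', while the same commit loads $ext = $photo['ext'] at line 529 and wppa-photo-files.php resolves the same file with wppa_get_photo_item( $id, 'ext' ). Use the stored extension here too so the two lookups cannot disagree. At 954, $fs is echoed directly; if wppa_get_filesize() returns a formatted string rather than a number, escape it on output.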
1154
  }
1155
 
1156
  // Panorama
1157
+ if ( wppa_switch( 'enable_panorama' ) && ! $b_is_video ) {
1158
+ $can_panorama = $photoy && $photox / $photoy >= 1.999;
1159
  echo
1160
  __( 'Panorama' ) . ': ' .
1161
  ( $can_panorama ?
2356
  $message = sprintf( __( '%d photos deleted.' , 'wp-photo-album-plus'), $count );
2357
  break;
2358
  case 'wppa-bulk-move-to':
2359
+ $message = sprintf( __( '%1$s photos moved to album %2$s.' , 'wp-photo-album-plus'), $count, $newalb.': ' . strip_tags( wppa_get_album_name( $newalb ) ) );
2360
  break;
2361
  case 'wppa-bulk-copy-to':
2362
+ $message = sprintf( __( '%1$s photos copied to album %2$s.' , 'wp-photo-album-plus'), $count, $newalb.': ' . strip_tags( wppa_get_album_name( $newalb ) ) );
2363
  break;
2364
  case 'wppa-bulk-status':
2365
  $message = sprintf( __( 'Changed status to %1$s on %2$s photos.' , 'wp-photo-album-plus'), $status, $count );
2371
  $message = sprintf( __( '%d photos processed.' , 'wp-photo-album-plus'), $count );
2372
  break;
2373
  }
2374
+ wppa_ok_message( htmlentities( $message ) );
2375
  }
2376
  }
2377
 
wppa-photo-files.php CHANGED
@@ -2,7 +2,7 @@
2
  /* wppa-photo-files.php
3
  *
4
  * Functions used to create/manipulate photofiles
5
- * Version 7.0.00
6
  *
7
  */
8
 
@@ -150,15 +150,15 @@ function wppa_orientate_image_file( $file, $ori ) {
150
  // The id and extension must be supplied.
151
  function wppa_make_the_photo_files( $file, $id, $ext, $do_thumb = true ) {
152
  global $wpdb;
153
- //wppa_log('dbg', 'make called with'.$file.' '.$id.' '.$ext.' '.$do_thumb);
154
  $thumb = wppa_cache_thumb( $id );
155
 
156
  $src_size = @getimagesize( $file, $info );
157
 
158
  // If the given file is not an image file, log error and exit
159
  if ( ! $src_size ) {
160
- if ( is_admin() ) wppa_error_message( sprintf( __( 'ERROR: File %s is not a valid picture file.' , 'wp-photo-album-plus'), $file ) );
161
- else wppa_alert( sprintf( __( 'ERROR: File %s is not a valid picture file.', 'wp-photo-album-plus'), $file ) );
162
  return false;
163
  }
164
 
@@ -406,12 +406,12 @@ function wppa_create_thumbnail( $id, $use_source = true ) {
406
  $file = wppa_get_o1_source_path( $id );
407
 
408
  // Try source path
409
- if ( ! is_file( $file ) ) {
410
  $file = wppa_get_source_path( $id );
411
  }
412
 
413
  // Use photo path
414
- if ( ! is_file( $file ) ) {
415
  $file = wppa_get_photo_path( $id );
416
  }
417
  }
@@ -421,11 +421,16 @@ function wppa_create_thumbnail( $id, $use_source = true ) {
421
  $file = wppa_get_photo_path( $id );
422
  }
423
 
 
 
 
 
 
424
  // Max side
425
  $max_side = wppa_get_minisize();
426
 
427
  // Check file
428
- if ( ! is_file( $file ) ) return false; // No file, fail
429
  $img_attr = getimagesize( $file );
430
  if ( ! $img_attr ) return false; // Not an image, fail
431
 
2
  /* wppa-photo-files.php
3
  *
4
  * Functions used to create/manipulate photofiles
5
+ * Version 7.0.03
6
  *
7
  */
8
 
150
  // The id and extension must be supplied.
151
  function wppa_make_the_photo_files( $file, $id, $ext, $do_thumb = true ) {
152
  global $wpdb;
153
+ wppa_log('dbg', 'make called with'.$file.' '.$id.' '.$ext.' '.$do_thumb. ' exists=' . is_file($file), true);
154
  $thumb = wppa_cache_thumb( $id );
155
 
156
  $src_size = @getimagesize( $file, $info );
157
 
158
  // If the given file is not an image file, log error and exit
159
  if ( ! $src_size ) {
160
+ if ( is_admin() ) wppa_error_message( sprintf( __( 'ERROR: File %s is not a valid picture file.' , 'wp-photo-album-plus'), htmlentities( $file ) ) );
161
+ else wppa_alert( sprintf( __( 'ERROR: File %s is not a valid picture file.', 'wp-photo-album-plus'), htmlentities( $file ) ) );
162
  return false;
163
  }
164
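Review bot: the debug call at new line 153 was previously commented out and is now active on every call with the force flag set, writing the full file path to the log; remove it or gate it on the debug setting before release. The message also lacks a separator after "make called with", so the path runs into the text. The htmlentities( $file ) added at 160-161 is correct for the on-screen error; esc_html() would match WordPress conventions.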
 
406
  $file = wppa_get_o1_source_path( $id );
407
 
408
  // Try source path
409
+ if ( ! wppa_is_file( $file ) ) {
410
  $file = wppa_get_source_path( $id );
411
  }
412
 
413
  // Use photo path
414
+ if ( ! wppa_is_file( $file ) ) {
415
  $file = wppa_get_photo_path( $id );
416
  }
417
  }
421
  $file = wppa_get_photo_path( $id );
422
  }
423
 
424
+ // If pdf, find image file
425
+ if ( wppa_get_ext( $file ) == 'pdf' ) {
426
+ $file = wppa_strip_ext( $file ) . '.' . wppa_get_photo_item( $id, 'ext' );
427
+ }
428
+
429
  // Max side
430
  $max_side = wppa_get_minisize();
431
 
432
  // Check file
433
+ if ( ! wppa_is_file( $file ) ) return false; // No file, fail
434
  $img_attr = getimagesize( $file );
435
  if ( ! $img_attr ) return false; // Not an image, fail
436
 
wppa-settings-autosave.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * manage all options
6
- * Version 7.0.02
7
  *
8
  */
9
 
@@ -246,7 +246,7 @@ global $wppa_supported_camara_brands;
246
  }
247
  break;
248
 
249
- default: wppa_error_message('Unimplemnted action key: '.$key);
250
  }
251
 
252
  // Make sure we are uptodate
@@ -8445,6 +8445,16 @@ global $wppa_supported_camara_brands;
8445
  $tags = 'system';
8446
  wppa_setting($slug, '13', $name, $desc, $html, $help, $clas, $tags);
8447
 
 
 
 
 
 
 
 
 
 
 
8448
  }
8449
  wppa_setting_subheader( 'B', '1', __( 'WPPA+ Admin related miscellaneous settings' , 'wp-photo-album-plus') );
8450
  {
@@ -10530,7 +10540,7 @@ global $wppa_supported_camara_brands;
10530
  wppa_setting($slug, '3.3', $name, $desc, $html, $help, $clas, $tags);
10531
  */
10532
  $name = __('Mail on previous comment', 'wp-photo-album-plus');
10533
- $desc = __('Notify users who has commented this photo earlier', 'wp-photo-album-plus');
10534
  $help = '';
10535
  $slug = 'wppa_commentprevious';
10536
  $subs = count( wppa_index_string_to_array( get_option( 'wppa_mailinglist_commentprevious', '' ) ) );
@@ -11172,7 +11182,7 @@ global $wppa_totcols;
11172
  >
11173
  <small>
11174
  <i>' .
11175
- stripslashes( str_replace( '\n', ' ', $hlp ) ) . '
11176
  </i>
11177
  </small>
11178
  </td>
3
  * Package: wp-photo-album-plus
4
  *
5
  * manage all options
6
+ * Version 7.0.03
7
  *
8
  */
9
 
246
  }
247
  break;
248
 
249
+ default: wppa_error_message( 'Unimplemnted action key: ' . htmlentities( $key ) );
250
  }
251
 
252
  // Make sure we are uptodate
8445
  $tags = 'system';
8446
  wppa_setting($slug, '13', $name, $desc, $html, $help, $clas, $tags);
8447
 
8448
+ $name = __('Direct comment', 'wp-photo-album-plus');
8449
+ $desc = __('Enable direct commenting and rating from remote source', 'wp-photo-album-plus');
8450
+ $help = __('This setting has only effect when Table IV-A6.1 and 6.2 are ticked', 'wp-photo-album-plus');
8451
+ $help .= '<br />' . __('Use with care, and only in special situations!', 'wp-photo-album-plus');
8452
+ $slug = 'wppa_direct_comment';
8453
+ $html = wppa_checkbox($slug);
8454
+ $clas = '';
8455
+ $tags = 'system,comment,rating';
8456
+ wppa_setting($slug, '14', $name, $desc, $html, $help, $clas, $tags);
8457
+
8458
  }
8459
  wppa_setting_subheader( 'B', '1', __( 'WPPA+ Admin related miscellaneous settings' , 'wp-photo-album-plus') );
8460
  {
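Review bot: the help text for the new wppa_direct_comment setting (new lines 8448-8456) says only "Use with care, and only in special situations!" and does not state which check is relaxed when it is enabled. Since the description is "Enable direct commenting and rating from remote source", the help should spell out what a remote source is allowed to do and what protection is skipped, so an administrator can make an informed choice. The default of 'no' in wppa-setup.php is the right one.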
10540
  wppa_setting($slug, '3.3', $name, $desc, $html, $help, $clas, $tags);
10541
  */
10542
  $name = __('Mail on previous comment', 'wp-photo-album-plus');
10543
+ $desc = __('Notify users who have commented this photo earlier', 'wp-photo-album-plus');
10544
  $help = '';
10545
  $slug = 'wppa_commentprevious';
10546
  $subs = count( wppa_index_string_to_array( get_option( 'wppa_mailinglist_commentprevious', '' ) ) );
11182
  >
11183
  <small>
11184
  <i>' .
11185
+ htmlentities( stripslashes( str_replace( '\n', ' ', $hlp ) ) ) . '
11186
  </i>
11187
  </small>
11188
  </td>
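Review bot: wrapping $hlp in htmlentities() at new line 11185 will also encode markup that the help strings contain on purpose; the setting added in this same commit builds its help with '<br />' at line 8451, which will now be shown as literal text. If help strings need limited markup, pass them through wp_kses() with a small allowlist (br, i, b, a) instead of encoding everything, or remove the markup from the strings.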
wppa-setup.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all the setup stuff
6
- * Version 7.0.01
7
  *
8
  */
9
 
@@ -1689,6 +1689,7 @@ cursorborder:'2px solid transparent',";
1689
 
1690
  'wppa_login_url' => site_url( 'wp-login.php', 'login' ), // A
1691
  'wppa_cache_root' => 'cache',
 
1692
 
1693
  // IX D New
1694
  'wppa_max_album_newtime' => '0', // 1
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all the setup stuff
6
+ * Version 7.0.03
7
  *
8
  */
9
 
1689
 
1690
  'wppa_login_url' => site_url( 'wp-login.php', 'login' ), // A
1691
  'wppa_cache_root' => 'cache',
1692
+ 'wppa_direct_comment' => 'no',
1693
 
1694
  // IX D New
1695
  'wppa_max_album_newtime' => '0', // 1
wppa-stats-widget.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * display the stats widget
6
- * Version 6.9.21
7
  *
8
  */
9
  class WppaStatsWidget extends WP_Widget {
@@ -118,7 +118,7 @@ class WppaStatsWidget extends WP_Widget {
118
  $widget_content .= __('Number of audios', 'wp-photo-album-plus') . ': <b>' . $cnt . '</b><br />';
119
  }
120
  }
121
- if ( wppa_checked( $instance['pdfs'] ) && wppa_can_pdf() ) {
122
  $pdfs = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->wppa_photos WHERE filename LIKE '%.pdf'" );
123
  if ( $pdfs ) {
124
  $widget_content .= __('Number of pdfs', 'wp-photo-album-plus') . ': <b>' . $pdfs . '</b><br />';
@@ -255,7 +255,7 @@ class WppaStatsWidget extends WP_Widget {
255
  );
256
  }
257
 
258
- if ( wppa_can_pdf() ) {
259
  echo
260
  wppa_widget_checkbox( $this,
261
  'pdfs',
3
  * Package: wp-photo-album-plus
4
  *
5
  * display the stats widget
6
+ * Version 7.0.03
7
  *
8
  */
9
  class WppaStatsWidget extends WP_Widget {
118
  $widget_content .= __('Number of audios', 'wp-photo-album-plus') . ': <b>' . $cnt . '</b><br />';
119
  }
120
  }
121
+ if ( wppa_checked( $instance['pdfs'] ) && wppa_switch( 'enable_pdf' ) ) {
122
  $pdfs = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->wppa_photos WHERE filename LIKE '%.pdf'" );
123
  if ( $pdfs ) {
124
  $widget_content .= __('Number of pdfs', 'wp-photo-album-plus') . ': <b>' . $pdfs . '</b><br />';
255
  );
256
  }
257
 
258
+ if ( wppa_switch( 'enable_pdf' ) ) {
259
  echo
260
  wppa_widget_checkbox( $this,
261
  'pdfs',
wppa-thumbnails.php CHANGED
@@ -5,7 +5,7 @@
5
  * Various funcions to display a thumbnail image
6
  * Contains all possible frontend thumbnail types
7
  *
8
- * Version 6.9.21
9
  *
10
  */
11
 
@@ -151,7 +151,7 @@ global $wpdb;
151
 
152
  // The medals if at the top
153
  $medalsize = $com_alt ? 'S' : 'M';
154
- $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => $medalsize, 'where' => 'top' ) );
155
 
156
  // The audio when no popup
157
  if ( wppa_switch( 'thumb_audio' ) && wppa_has_audio( $id ) && ! $com_alt ) {
@@ -471,7 +471,7 @@ global $wpdb;
471
  }
472
 
473
  // The medals if near the bottom
474
- $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => $medalsize, 'where' => 'bot' ) );
475
 
476
  // Close the image container
477
  $result .= '</div>';
@@ -1208,7 +1208,7 @@ global $wpdb;
1208
  '" >';
1209
 
1210
  // The medals
1211
- $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'M', 'where' => 'top' ) );
1212
 
1213
  // See if ajax possible
1214
  if ( $link ) {
@@ -1522,7 +1522,7 @@ global $wpdb;
1522
 
1523
 
1524
  // The medals
1525
- $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'M', 'where' => 'bot' ) );
1526
 
1527
  // Close the thumbframe
1528
  $result .= '</div>';
@@ -1602,7 +1602,7 @@ function wppa_get_the_widget_thumb( $type, $image, $album, $display, $link, $tit
1602
 
1603
  // The medals if on top
1604
  if ( $display == 'thumbs' ) {
1605
- $result .= $id ? wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'S', 'where' => 'top' ) ) : '';
1606
  }
1607
 
1608
  // Get the name
@@ -1780,7 +1780,7 @@ function wppa_get_the_widget_thumb( $type, $image, $album, $display, $link, $tit
1780
 
1781
  // The medals if at the bottom
1782
  if ( $display == 'thumbs' ) {
1783
- $result .= $id ? wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'S', 'where' => 'bot' ) ) : '';
1784
  }
1785
 
1786
  // Close container
@@ -1918,7 +1918,8 @@ function wppa_get_medal_html_a( $args ) {
1918
  $args = wp_parse_args( (array) $args, array(
1919
  'id' => '0',
1920
  'size' => 'M',
1921
- 'where' => ''
 
1922
  ) );
1923
 
1924
  // Validate args
@@ -1936,8 +1937,21 @@ function wppa_get_medal_html_a( $args ) {
1936
  $status = wppa_get_photo_item( $id, 'status' );
1937
  $medal = in_array ( $status, array( 'gold', 'silver', 'bronze' ) ) ? $status : '';
1938
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1939
  // Have a medal to show?
1940
- if ( ! $new && ! $medal && ! $mod ) {
1941
  return ''; // No
1942
  }
1943
 
@@ -1992,6 +2006,9 @@ function wppa_get_medal_html_a( $args ) {
1992
  'gold' => __('Gold medal', 'wp-photo-album-plus'),
1993
  'silver' => __('Silver medal', 'wp-photo-album-plus'),
1994
  'bronze' => __('Bronze medal', 'wp-photo-album-plus'),
 
 
 
1995
  );
1996
  $size = $sizes[$args['size']];
1997
  $nsize = $nsizes[$args['size']];
@@ -2001,28 +2018,57 @@ function wppa_get_medal_html_a( $args ) {
2001
  $top = $tops[$args['size']];
2002
  $ntop = $ntops[$args['size']];
2003
  $title = $medal ? esc_attr( $titles[$medal] ) : '';
2004
- $sstyle = $left ? 'left:'.$smarg.'px;' : 'right:'.$smarg.'px;';
2005
- $lstyle = $left ? 'left:'.$lmarg.'px;' : 'right:'.$lmarg.'px;';
 
2006
 
2007
  // The medal container
2008
  $result .= '<div style="position:relative;top:'.$ctop.'px;z-index:10;">';
2009
 
2010
- // The medal
2011
- if ( $medal ) $result .= '<img' .
2012
- ' src="' . WPPA_URL . '/img/medal_' . $medal . '_' . $color .'.png"' .
2013
- ' title="' . $title . '"' .
2014
- ' alt="' . $title . '"' .
2015
- ' style="' . $sstyle .
2016
- 'top:4px;' .
2017
- 'position:absolute;' .
2018
- 'border:none;' .
2019
- 'margin:0;' .
2020
- 'padding:0;' .
2021
- 'box-shadow:none;' .
2022
- 'height:' .$size . 'px;' .
2023
- 'top:' . $top . 'px;' .
2024
- '"' .
2025
- ' />';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2026
 
2027
  // Is there a new or modified indicator to display?
2028
  if ( $new ) {
5
  * Various funcions to display a thumbnail image
6
  * Contains all possible frontend thumbnail types
7
  *
8
+ * Version 7.0.03
9
  *
10
  */
11
 
151
 
152
  // The medals if at the top
153
  $medalsize = $com_alt ? 'S' : 'M';
154
+ $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => $medalsize, 'where' => 'top', 'thumb' => true ) );
155
 
156
  // The audio when no popup
157
  if ( wppa_switch( 'thumb_audio' ) && wppa_has_audio( $id ) && ! $com_alt ) {
471
  }
472
 
473
  // The medals if near the bottom
474
+ $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => $medalsize, 'where' => 'bot', 'thumb' => true ) );
475
 
476
  // Close the image container
477
  $result .= '</div>';
1208
  '" >';
1209
 
1210
  // The medals
1211
+ $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'M', 'where' => 'top', 'thumb' => true ) );
1212
 
1213
  // See if ajax possible
1214
  if ( $link ) {
1522
 
1523
 
1524
  // The medals
1525
+ $result .= wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'M', 'where' => 'bot', 'thumb' => true ) );
1526
 
1527
  // Close the thumbframe
1528
  $result .= '</div>';
1602
 
1603
  // The medals if on top
1604
  if ( $display == 'thumbs' ) {
1605
+ $result .= $id ? wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'S', 'where' => 'top', 'thumb' => true ) ) : '';
1606
  }
1607
 
1608
  // Get the name
1780
 
1781
  // The medals if at the bottom
1782
  if ( $display == 'thumbs' ) {
1783
+ $result .= $id ? wppa_get_medal_html_a( array( 'id' => $id, 'size' => 'S', 'where' => 'bot', 'thumb' => true ) ) : '';
1784
  }
1785
 
1786
  // Close container
1918
  $args = wp_parse_args( (array) $args, array(
1919
  'id' => '0',
1920
  'size' => 'M',
1921
+ 'where' => '',
1922
+ 'thumb' => false,
1923
  ) );
1924
 
1925
  // Validate args
1937
  $status = wppa_get_photo_item( $id, 'status' );
1938
  $medal = in_array ( $status, array( 'gold', 'silver', 'bronze' ) ) ? $status : '';
1939
 
1940
+ if ( $args['thumb'] && wppa_get_ext( wppa_get_photo_item( $id, 'filename' ) ) == 'pdf' ) {
1941
+ $mmitem = 'pdf';
1942
+ }
1943
+ elseif ( $args['thumb'] && wppa_has_audio( $id ) && ! wppa_switch( 'thumb_audio' ) ) {
1944
+ $mmitem = 'audio';
1945
+ }
1946
+ elseif ( $args['thumb'] && wppa_is_video( $id ) && ! wppa_switch( 'thumb_video' ) ) {
1947
+ $mmitem = 'video';
1948
+ }
1949
+ else {
1950
+ $mmitem = '';
1951
+ }
1952
+
1953
  // Have a medal to show?
1954
+ if ( ! $new && ! $medal && ! $mod && ! $mmitem ) {
1955
  return ''; // No
1956
  }
1957
 
2006
  'gold' => __('Gold medal', 'wp-photo-album-plus'),
2007
  'silver' => __('Silver medal', 'wp-photo-album-plus'),
2008
  'bronze' => __('Bronze medal', 'wp-photo-album-plus'),
2009
+ 'pdf' => __('Document', 'wp-photo-album-plus'),
2010
+ 'audio' => __('Audio', 'wp-photo-album-plus'),
2011
+ 'video' => __('Video', 'wp-photo-album-plus'),
2012
  );
2013
  $size = $sizes[$args['size']];
2014
  $nsize = $nsizes[$args['size']];
2018
  $top = $tops[$args['size']];
2019
  $ntop = $ntops[$args['size']];
2020
  $title = $medal ? esc_attr( $titles[$medal] ) : '';
2021
+ $mstyle = $left ? 'left:'.$smarg.'px;' : 'right:'.$smarg.'px;';
2022
+ $sstyle = $left ? 'left:'.($mmitem?$smarg+$size:$smarg).'px;' : 'right:'.($mmitem?$smarg+$size:$smarg).'px;';
2023
+ $lstyle = $left ? 'left:'.($mmitem?$lmarg+$size:$lmarg).'px;' : 'right:'.($mmitem?$lmarg+$size:$lmarg).'px;';
2024
 
2025
  // The medal container
2026
  $result .= '<div style="position:relative;top:'.$ctop.'px;z-index:10;">';
2027
 
2028
+ // The medal pdf-audio-video
2029
+ if ( in_array( $mmitem, array( 'pdf', 'audio', 'video' ) ) ) {
2030
+
2031
+ switch( $mmitem ) {
2032
+ case 'pdf': $url = WPPA_URL . '/img/Document-File.svg'; break;
2033
+ case 'audio': $url = WPPA_URL . '/img/Music-Note-1.svg'; break;
2034
+ case 'video': $url = WPPA_URL . '/img/Film-Clapper.svg'; break;
2035
+ }
2036
+ $result .= '<img' .
2037
+ ' src="' . esc_attr( $url ) . '"' .
2038
+ ' title="' . $titles[$mmitem] . '"' .
2039
+ ' alt="' . $titles[$mmitem] . '"' .
2040
+ ' style="' . $mstyle .
2041
+ 'top:4px;' .
2042
+ 'position:absolute;' .
2043
+ 'border:none;' .
2044
+ 'margin:0 '.($left?'2':'-2').'px;' .
2045
+ 'padding:0;' .
2046
+ 'box-shadow:none;' .
2047
+ 'height:' .$size . 'px;' .
2048
+ 'top:' . $top . 'px;' .
2049
+ 'background-color:white' .
2050
+ '"' .
2051
+ ' />';
2052
+ }
2053
+
2054
+ // The medal bronze-silver-gold
2055
+ if ( $medal ) {
2056
+ $result .= '<img' .
2057
+ ' src="' . WPPA_URL . '/img/medal_' . $medal . '_' . $color .'.png"' .
2058
+ ' title="' . $title . '"' .
2059
+ ' alt="' . $title . '"' .
2060
+ ' style="' . $sstyle .
2061
+ 'top:4px;' .
2062
+ 'position:absolute;' .
2063
+ 'border:none;' .
2064
+ 'margin:0;' .
2065
+ 'padding:0;' .
2066
+ 'box-shadow:none;' .
2067
+ 'height:' .$size . 'px;' .
2068
+ 'top:' . $top . 'px;' .
2069
+ '"' .
2070
+ ' />';
2071
+ }
2072
 
2073
  // Is there a new or modified indicator to display?
2074
  if ( $new ) {
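Review bot: In the new pdf/audio/video `<img>` (new lines 2038-2039), `$titles[$mmitem]` is written into the `title` and `alt` attributes without escaping, while the medal image below it uses `$title`, which was passed through `esc_attr()`. Translated strings can contain quotes, so wrap both in `esc_attr( $titles[$mmitem] )`. The `src` at new line 2037 is escaped with `esc_attr( $url )`; `esc_url()` is the WordPress function intended for URL attributes. The style string sets `top:4px;` and later `top:' . $top . 'px;`, so the first value is dead in both images and can be dropped.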
wppa-upload.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all the upload pages and functions
6
- * Version 7.0.00
7
  *
8
  */
9
 
@@ -69,6 +69,9 @@ global $upload_album;
69
  if ( isset( $_REQUEST['wppa-set-album'] ) ) {
70
  wppa_set_last_album( strval( intval( $_REQUEST['wppa-set-album'] ) ) );
71
  }
 
 
 
72
 
73
  // Do the upload if requested
74
  // From BOX A
@@ -561,18 +564,54 @@ global $upload_album;
561
  return;
562
  }
563
  if ( ! $file['error'][$i] ) {
 
564
  wppa( 'unsanitized_filename', $file['name'][$i] );
565
  wppa_pdf_preprocess( $file, $upload_album, $i );
566
- $id = wppa_insert_photo( $file['tmp_name'][$i], $upload_album, $file['name'][$i] );
567
- if ( $id ) {
 
 
 
 
 
 
568
  $uploaded_a_file = true;
569
  $count++;
570
- wppa_pdf_postprocess( $id );
571
- // wppa_backend_upload_mail( $id, $upload_album, wppa_sima($file['name'][$i]) );
572
  }
 
 
573
  else {
574
- wppa_error_message( __( 'Error inserting photo' , 'wp-photo-album-plus') . ' ' . wppa_sanitize_file_name( wppa_sima( basename( $file['name'][$i] ) ) ) . '.' );
575
- return;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
576
  }
577
  }
578
  }
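Review bot: The poster-file branch that replaces these lines (new lines 593-597) builds the `move_uploaded_file()` destination from `$file['name'][$i]` as sent in the request, and the return value of the move is ignored. Nothing in this hunk passes the name through `wppa_sanitize_file_name()`, which the error message at new line 611 does use, or restricts the extension to an image type before the file is written into the source album directory. Validate both first, and call `wppa_update_photo()` and `wppa_make_the_photo_files()` only when the move succeeded. The `$id` returned by `wppa_create_photo_entry()` at new line 573 is also not checked before `$count++`, and the comment at new line 571 reads "craete".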
@@ -598,18 +637,54 @@ global $upload_album;
598
  $count = '0';
599
  foreach ( $_FILES as $file ) {
600
  if ( $file['tmp_name'] != '' ) {
 
601
  wppa( 'unsanitized_filename', $file['name'] );
602
  wppa_pdf_preprocess( $file, $upload_album );
603
- $id = wppa_insert_photo( $file['tmp_name'], $upload_album, $file['name'] );
604
- if ( $id ) {
 
 
 
 
 
 
605
  $uploaded_a_file = true;
606
  $count++;
607
- wppa_pdf_postprocess( $id );
608
- // wppa_backend_upload_mail( $id, $upload_album, wppa_sima( $file['name'] ) );
609
  }
 
 
610
  else {
611
- wppa_error_message( __( 'Error inserting photo' , 'wp-photo-album-plus') . ' ' . wppa_sanitize_file_name( basename( $file['name'] ) ) . '.' );
612
- return;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
613
  }
614
  }
615
  }
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all the upload pages and functions
6
+ * Version 7.0.03
7
  *
8
  */
9
 
69
  if ( isset( $_REQUEST['wppa-set-album'] ) ) {
70
  wppa_set_last_album( strval( intval( $_REQUEST['wppa-set-album'] ) ) );
71
  }
72
+ elseif( isset( $_REQUEST['wppa-album'] ) ) {
73
+ wppa_set_last_album( strval( intval( $_REQUEST['wppa-album'] ) ) );
74
+ }
75
 
76
  // Do the upload if requested
77
  // From BOX A
564
  return;
565
  }
566
  if ( ! $file['error'][$i] ) {
567
+ $file['name'][$i] = wppa_down_ext( $file['name'][$i] );
568
  wppa( 'unsanitized_filename', $file['name'][$i] );
569
  wppa_pdf_preprocess( $file, $upload_album, $i );
570
+
571
+ // Could not craete poster image
572
+ if ( wppa( 'is_pdf' ) && ! file_exists( $file['tmp_name'][$i] ) ) {
573
+ $id = wppa_create_photo_entry( array( 'album' => $upload_album,
574
+ 'ext' => 'pdf',
575
+ 'name' => $file['name'][$i],
576
+ 'filename' => wppa_strip_ext( $file['name'][$i] ) . '.pdf',
577
+ ) );
578
  $uploaded_a_file = true;
579
  $count++;
580
+ wppa( 'is_pdf', false );
 
581
  }
582
+
583
+ // Could create poster image or is no pdf
584
  else {
585
+
586
+ // Are we uploading a posterfile for a pdf?
587
+ $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$wpdb->wppa_photos}
588
+ WHERE filename = %s
589
+ AND album = %d",
590
+ wppa_strip_ext( $file['name'][$i] ) . '.pdf',
591
+ $upload_album
592
+ ) );
593
+ if ( $id ) {
594
+ move_uploaded_file( $file['tmp_name'][$i], wppa_get_source_album_dir( $upload_album ) . '/' . $file['name'][$i] );
595
+ wppa_update_photo( array( 'id' => $id, 'ext' => wppa_get_ext( $file['name'][$i] ) ) );
596
+ wppa_cache_photo( 'invalidate', $id );
597
+ wppa_make_the_photo_files( wppa_get_source_album_dir( $upload_album ) . '/' . $file['name'][$i], $id, wppa_get_ext( $file['name'][$i] ) );
598
+ $uploaded_a_file = true;
599
+ $count++;
600
+ }
601
+
602
+ // No, just a photo
603
+ else {
604
+ $id = wppa_insert_photo( $file['tmp_name'][$i], $upload_album, $file['name'][$i] );
605
+ if ( $id ) {
606
+ $uploaded_a_file = true;
607
+ $count++;
608
+ wppa_pdf_postprocess( $id );
609
+ }
610
+ else {
611
+ wppa_error_message( __( 'Error inserting photo' , 'wp-photo-album-plus') . ' ' . wppa_sanitize_file_name( wppa_sima( basename( $file['name'][$i] ) ) ) . '.' );
612
+ return;
613
+ }
614
+ }
615
  }
616
  }
617
  }
637
  $count = '0';
638
  foreach ( $_FILES as $file ) {
639
  if ( $file['tmp_name'] != '' ) {
640
+ $file['tmp_name'] = wppa_down_ext( $file['tmp_name'] );
641
  wppa( 'unsanitized_filename', $file['name'] );
642
  wppa_pdf_preprocess( $file, $upload_album );
643
+
644
+ // Could not craete poster image
645
+ if ( wppa( 'is_pdf' ) && ! file_exists( $file['tmp_name'] ) ) {
646
+ $id = wppa_create_photo_entry( array( 'album' => $upload_album,
647
+ 'ext' => 'pdf',
648
+ 'name' => $file['name'],
649
+ 'filename' => wppa_strip_ext( $file['name'] ) . '.pdf',
650
+ ) );
651
  $uploaded_a_file = true;
652
  $count++;
653
+ wppa( 'is_pdf', false );
 
654
  }
655
+
656
+ // Could create poster image or is no pdf
657
  else {
658
+
659
+ // Are we uploading a posterfile for a pdf?
660
+ $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM {$wpdb->wppa_photos}
661
+ WHERE filename = %s
662
+ AND album = %d",
663
+ wppa_strip_ext( $file['name'] ) . '.pdf',
664
+ $upload_album
665
+ ) );
666
+ if ( $id ) {
667
+ move_uploaded_file( $file['tmp_name'], wppa_get_source_album_dir( $upload_album ) . '/' . $file['name'] );
668
+ wppa_update_photo( array( 'id' => $id, 'ext' => wppa_get_ext( $file['name'][$i] ) ) );
669
+ wppa_cache_photo( 'invalidate', $id );
670
+ wppa_make_the_photo_files( wppa_get_source_album_dir( $upload_album ) . '/' . $file['name'], $id, wppa_get_ext( $file['name'] ) );
671
+ $uploaded_a_file = true;
672
+ $count++;
673
+ }
674
+
675
+ // No, just a photo
676
+ else {
677
+ $id = wppa_insert_photo( $file['tmp_name'], $upload_album, $file['name'] );
678
+ if ( $id ) {
679
+ $uploaded_a_file = true;
680
+ $count++;
681
+ wppa_pdf_postprocess( $id );
682
+ }
683
+ else {
684
+ wppa_error_message( __( 'Error inserting photo' , 'wp-photo-album-plus') . ' ' . wppa_sanitize_file_name( basename( $file['name'] ) ) . '.' );
685
+ return;
686
+ }
687
+ }
688
  }
689
  }
690
  }
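Review bot: New line 640 runs `wppa_down_ext()` on `$file['tmp_name']`, where the array loop above applies it to `$file['name'][$i]`. This loop handles single files, so the line most likely should read `$file['name'] = wppa_down_ext( $file['name'] );`; as written the temp path is rewritten and the name is left as uploaded. New line 668 still indexes `$file['name'][$i]`, but this `foreach` has no `$i`; use `wppa_get_ext( $file['name'] )` as new line 670 does. The `move_uploaded_file()` destination at new line 667 again takes the client-supplied name unchanged, and its result is not checked.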
wppa-utils.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains low-level utility routines
6
- * Version 7.0.01
7
  *
8
  */
9
 
@@ -1025,8 +1025,8 @@ function wppa_vfy_arg($arg, $txt = false) {
1025
  else {
1026
  $reason = ( defined('WP_DEBUG') && WP_DEBUG ) ? ': '.$arg.' is not numeric.' : '';
1027
  $value = $_REQUEST[$arg];
1028
- if ( $arg == 'photo-id' && strlen($value) == 12 ) {
1029
- $value = wppa_decrypt_photo( $value );
1030
  }
1031
  if ( ! is_numeric($value) ) wp_die('Security check failue'.$reason);
1032
  }
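Review bot: In the replacement for the two removed lines (new line 1029), `trim( $value. '/' )` appends a slash to the value and then trims only whitespace, so `wppa_decrypt_photo()` receives the id with a trailing `/`. If the intent is to strip a trailing slash from the request value, the call should be `trim( $value, '/' )`. The length test changes from `== 12` to `>= 12`, so input of any length from 12 characters up now reaches the decrypt routine; a comment stating which formats are expected would help the next reader. `'Security check failue'` in the context line is misspelled.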
@@ -2838,7 +2838,9 @@ function wppa_is_multi( $id ) {
2838
  function wppa_fix_poster_ext( $fileorurl, $id ) {
2839
 
2840
  // Has it extension .xxx ?
2841
- if ( substr( $fileorurl, -4 ) != '.xxx' && strpos( $fileorurl, '.xxx?ver' ) === false ) {
 
 
2842
  return $fileorurl;
2843
  }
2844
 
@@ -4510,15 +4512,6 @@ function wppa_get_spinner_svg_html( $xargs = array() ) {
4510
  return $result;
4511
  }
4512
 
4513
- // Can i handle pdf files?
4514
- function wppa_can_pdf() {
4515
-
4516
- if ( wppa_opt( 'image_magick' ) && wppa_switch( 'enable_pdf' ) ) {
4517
- return true;
4518
- }
4519
- return false;
4520
- }
4521
-
4522
  // Are we on a windows platform?
4523
  function wppa_is_windows() {
4524
 
@@ -4530,7 +4523,7 @@ function wppa_is_windows() {
4530
  function wppa_pdf_preprocess( &$file, $alb, $i = false ) {
4531
 
4532
  // If pdf not enabled, nothing to do.
4533
- if ( ! wppa_can_pdf() ) return;
4534
 
4535
  // Is it a pdf?
4536
  if ( $i === false ) {
@@ -4593,14 +4586,32 @@ function wppa_pdf_preprocess( &$file, $alb, $i = false ) {
4593
  wppa_log( 'fso', 'Imagick Created ' . $src . $jpg );
4594
  }
4595
 
4596
- // Copy the jpg image back to $file['name'] and $file['tmp_name']
4597
- if ( $single ) {
4598
- $file['name'] = $jpg;
4599
- wppa_copy( $src . $jpg, $file['tmp_name'] );
 
 
 
 
 
 
4600
  }
 
 
4601
  else {
4602
- $file['name'][$i] = $jpg;
4603
- wppa_copy( $src . $jpg, $file['tmp_name'][$i] );
 
 
 
 
 
 
 
 
 
 
4604
  }
4605
 
4606
  // and continue as if it was a jpg, but remember its a .pdf
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains low-level utility routines
6
+ * Version 7.0.03
7
  *
8
  */
9
 
1025
  else {
1026
  $reason = ( defined('WP_DEBUG') && WP_DEBUG ) ? ': '.$arg.' is not numeric.' : '';
1027
  $value = $_REQUEST[$arg];
1028
+ if ( $arg == 'photo-id' && strlen($value) >= 12 ) {
1029
+ $value = wppa_decrypt_photo( trim( $value. '/' ) );
1030
  }
1031
  if ( ! is_numeric($value) ) wp_die('Security check failue'.$reason);
1032
  }
2838
  function wppa_fix_poster_ext( $fileorurl, $id ) {
2839
 
2840
  // Has it extension .xxx ?
2841
+ if ( substr( $fileorurl, -4 ) != '.xxx' &&
2842
+ strpos( $fileorurl, '.xxx?ver' ) === false &&
2843
+ wppa_get_ext( $fileorurl ) != 'pdf' ) {
2844
  return $fileorurl;
2845
  }
2846
 
4512
  return $result;
4513
  }
4514
 
 
 
 
 
 
 
 
 
 
4515
  // Are we on a windows platform?
4516
  function wppa_is_windows() {
4517
 
4523
  function wppa_pdf_preprocess( &$file, $alb, $i = false ) {
4524
 
4525
  // If pdf not enabled, nothing to do.
4526
+ if ( ! wppa_switch( 'enable_pdf' ) ) return;
4527
 
4528
  // Is it a pdf?
4529
  if ( $i === false ) {
4586
  wppa_log( 'fso', 'Imagick Created ' . $src . $jpg );
4587
  }
4588
 
4589
+ // Report imagemagick coud not create posterfile
4590
+ if ( $err ) {
4591
+ $png = wppa_strip_ext( $jpg ) . '.png';
4592
+ if ( wppa( 'ajax' ) ) {
4593
+ wppa( 'ajax_import_files_error', __( 'Could not create %s, you may upload a self created imagefile with this name or %s', 'wp-photo-album-plus' ), $jpg, $png );
4594
+ }
4595
+ else {
4596
+ wppa_warning_message(
4597
+ sprintf( __( 'Could not create %s, you may upload a self created imagefile with this name or %s', 'wp-photo-album-plus' ), '<b>'.$jpg.'</b>', '<b>'.$png.'</b>' ) );
4598
+ }
4599
  }
4600
+
4601
+ // Copy the jpg image back to the wppa/temp/ folder and update $file['tmp_name'] to point to it
4602
  else {
4603
+ if ( $single ) {
4604
+ $file['name'] = $jpg;
4605
+ $to = WPPA_UPLOAD_PATH . '/temp/' . basename( $file['tmp_name'] );
4606
+ wppa_copy( $src . $jpg, $to );
4607
+ $file['tmp_name'] = $to;
4608
+ }
4609
+ else {
4610
+ $file['name'][$i] = $jpg;
4611
+ $to = WPPA_UPLOAD_PATH . '/temp/' . basename( $file['tmp_name'][$i] );
4612
+ wppa_copy( $src . $jpg, $to );
4613
+ $file['tmp_name'][$i] = $to;
4614
+ }
4615
  }
4616
 
4617
  // and continue as if it was a jpg, but remember its a .pdf
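Review bot: In the ajax branch (new line 4593) the `%s` placeholders are never filled: the result of `__()` is handed to `wppa()` with `$jpg` and `$png` as extra arguments, whereas the non-ajax branch wraps the same string in `sprintf()`. Unless `wppa()` formats its extra arguments, use `sprintf( __( ... ), $jpg, $png )` there as well. In the non-ajax branch (new line 4597) the file names are concatenated into HTML between `<b>` tags; pass them through `esc_html()` first, since they derive from the uploaded file's name. The comment at new line 4589 reads "coud".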
wppa-wrappers.php CHANGED
@@ -5,7 +5,7 @@
5
  * Contains wrappers for standard php functions
6
  * For security and bug reasons
7
  *
8
- * Version 7.0.02
9
  *
10
  */
11
 
@@ -47,18 +47,18 @@ function wppa_copy( $from, $to ) {
47
  // First test if we are uploading
48
  if ( ! wppa_is_path_safe( $from ) && $_FILES ) {
49
  if ( ! wppa_is_path_safe( $to ) ) {
50
- wppa_log( 'War', 'Unsafe to path detected in wppa_copy(): ' . sanitize_text_field( $to ), true );
51
  return false;
52
  }
53
  return wppa_move_uploaded_file( $from, $to );
54
  }
55
 
56
  if ( ! wppa_is_path_safe( $from ) ) {
57
- wppa_log( 'War', 'Unsafe from path detected in wppa_copy(): ' . sanitize_text_field( $from ), true );
58
  return false; // For diagnostic purposes, no return here yet
59
  }
60
  if ( ! wppa_is_path_safe( $to ) ) {
61
- wppa_log( 'War', 'Unsafe to path detected in wppa_copy(): ' . sanitize_text_field( $to ), true );
62
  return false; // For diagnostic purposes, no return here yet
63
  }
64
  return copy( $from, $to );
@@ -125,12 +125,12 @@ function wppa_fopen( $file, $mode ) {
125
  }
126
 
127
  // Wrapper for glob
128
- function wppa_glob( $pattern, $flags = null ) {
129
 
130
  // Is path safe?
131
  $dir = dirname( $pattern );
132
- if ( ! wppa_is_path_safe( $dir ) ) {
133
- wppa_log( 'War', 'Unsafe path detected in wppa_glob(): ' . sanitize_text_field( $pattern ), true );
134
  return false;
135
  }
136
 
@@ -213,9 +213,7 @@ function wppa_is_file( $path ) {
213
  }
214
 
215
  // Utility to check if a given full filepath is safe to manipulate upon
216
- function wppa_is_path_safe( $path ) {
217
- static $safe_roots;
218
- static $safe_files;
219
  global $wppa_lang;
220
  global $wppa_log_file;
221
 
@@ -226,35 +224,33 @@ global $wppa_log_file;
226
 
227
  if ( ! defined( 'WPPA_UPLOAD_PATH' ) ) return true; // During activation/setup
228
 
229
- if ( empty( $safe_files ) ) {
230
-
231
- // The following files are safe to read or write to
232
- $safe_files = array( WPPA_PATH . '/index.php',
233
- WPPA_PATH . '/wppa-dump.txt',
234
- WPPA_CONTENT_PATH . '/uploads/index.php',
235
- $wppa_log_file,
236
- WPPA_CONTENT_PATH . '/plugins/wp-photo-album-plus/img/audiostub.jpg',
237
- );
238
- }
239
-
240
- if ( empty( $safe_roots ) ) {
241
-
242
- // The following root dirs are safe, including all their subdirs, to read/write into
243
- $safe_roots = array( WPPA_CONTENT_PATH . '/uploads',
244
- WPPA_CONTENT_PATH . '/wppa-depot',
245
- WPPA_CONTENT_PATH . '/' . wppa_opt( 'pl_dirname' ),
246
- WPPA_CONTENT_PATH . '/' . wppa_opt( 'cache_root' ),
247
- WPPA_CONTENT_PATH . '/blogs.dir',
248
- WPPA_PATH . '/fonts',
249
- WPPA_PATH . '/watermarks',
250
- WPPA_PATH . '/wppa-dump.txt',
251
- WPPA_PATH . '/dynamic',
252
- WPPA_UPLOAD_PATH . '/temp',
253
- WPPA_UPLOAD_PATH . '/zips',
254
- WPPA_UPLOAD_PATH . '/qr',
255
- WPPA_UPLOAD_PATH . '/cache',
256
- );
257
-
258
  }
259
 
260
  // Verify specific files
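Review bot: With `$wp_content` set (new lines 251-253), `WPPA_CONTENT_PATH` itself becomes a safe root, so every path under wp-content passes the check, the plugins directory included. The comment says this is meant for the glob in the import procedure, but the flag lives on `wppa_is_path_safe()`, which `wppa_copy()` also relies on; document on the function that the wider root is for directory listing only, or keep it inside `wppa_glob()`. Removing the `static` arrays means both lists and the two `wppa_opt()` lookups are rebuilt on every call; if the statics were dropped so the extra root does not persist between calls, build the base list once and append per call. The comment at new line 251 reads "explixitely".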
@@ -273,6 +269,10 @@ global $wppa_log_file;
273
  // Verify roots
274
  foreach( array_keys( $safe_roots ) as $key ) {
275
 
 
 
 
 
276
  // Starts the path with a safe root?
277
  if ( strpos( $path, $safe_roots[$key] ) === 0 ) {
278
 
5
  * Contains wrappers for standard php functions
6
  * For security and bug reasons
7
  *
8
+ * Version 7.0.03
9
  *
10
  */
11
 
47
  // First test if we are uploading
48
  if ( ! wppa_is_path_safe( $from ) && $_FILES ) {
49
  if ( ! wppa_is_path_safe( $to ) ) {
50
+ wppa_log( 'War', '1 Unsafe to path detected in wppa_copy(): ' . sanitize_text_field( $to ), true );
51
  return false;
52
  }
53
  return wppa_move_uploaded_file( $from, $to );
54
  }
55
 
56
  if ( ! wppa_is_path_safe( $from ) ) {
57
+ wppa_log( 'War', '2 Unsafe from path detected in wppa_copy(): ' . sanitize_text_field( $from ), true );
58
  return false; // For diagnostic purposes, no return here yet
59
  }
60
  if ( ! wppa_is_path_safe( $to ) ) {
61
+ wppa_log( 'War', '3 Unsafe to path detected in wppa_copy(): ' . sanitize_text_field( $to ), true );
62
  return false; // For diagnostic purposes, no return here yet
63
  }
64
  return copy( $from, $to );
125
  }
126
 
127
  // Wrapper for glob
128
+ function wppa_glob( $pattern, $flags = null, $wp_content = false ) {
129
 
130
  // Is path safe?
131
  $dir = dirname( $pattern );
132
+ if ( ! wppa_is_path_safe( $dir, $wp_content ) ) {
133
+ wppa_log( 'War', 'Unsafe path detected in wppa_glob(): ' . sanitize_text_field( $dir ), true );
134
  return false;
135
  }
136
 
213
  }
214
 
215
  // Utility to check if a given full filepath is safe to manipulate upon
216
+ function wppa_is_path_safe( $path, $wp_content = false ) {
 
 
217
  global $wppa_lang;
218
  global $wppa_log_file;
219
 
224
 
225
  if ( ! defined( 'WPPA_UPLOAD_PATH' ) ) return true; // During activation/setup
226
 
227
+ // The following files are safe to read or write to
228
+ $safe_files = array( WPPA_PATH . '/index.php',
229
+ WPPA_PATH . '/wppa-dump.txt',
230
+ WPPA_CONTENT_PATH . '/uploads/index.php',
231
+ $wppa_log_file,
232
+ WPPA_CONTENT_PATH . '/plugins/wp-photo-album-plus/img/audiostub.jpg',
233
+ );
234
+
235
+ // The following root dirs are safe, including all their subdirs, to read/write into
236
+ $safe_roots = array( WPPA_CONTENT_PATH . '/uploads',
237
+ WPPA_CONTENT_PATH . '/wppa-depot',
238
+ WPPA_CONTENT_PATH . '/' . wppa_opt( 'pl_dirname' ),
239
+ WPPA_CONTENT_PATH . '/' . wppa_opt( 'cache_root' ),
240
+ WPPA_CONTENT_PATH . '/blogs.dir',
241
+ WPPA_PATH . '/fonts',
242
+ WPPA_PATH . '/watermarks',
243
+ WPPA_PATH . '/wppa-dump.txt',
244
+ WPPA_PATH . '/dynamic',
245
+ WPPA_UPLOAD_PATH . '/temp',
246
+ WPPA_UPLOAD_PATH . '/zips',
247
+ WPPA_UPLOAD_PATH . '/qr',
248
+ WPPA_UPLOAD_PATH . '/cache',
249
+ );
250
+
251
+ // wp-content is only safe if explixitely asked for (glob in import proc)
252
+ if ( $wp_content ) {
253
+ $safe_roots[] = WPPA_CONTENT_PATH;
 
 
254
  }
255
 
256
  // Verify specific files
269
  // Verify roots
270
  foreach( array_keys( $safe_roots ) as $key ) {
271
 
272
+ if ( $path == $safe_roots[$key] ) {
273
+ return true;
274
+ }
275
+
276
  // Starts the path with a safe root?
277
  if ( strpos( $path, $safe_roots[$key] ) === 0 ) {
278
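Review bot: The added exact-match test (new lines 272-274) sits in front of a prefix test, `strpos( $path, $safe_roots[$key] ) === 0`, that compares against the root without a trailing separator, so a sibling directory whose name merely begins with a root name (for example `uploads-old` next to `uploads`) also matches unless the lines below the visible context rule it out. Now that the root itself is handled separately, the prefix test can compare against `$safe_roots[$key] . '/'`. Use `===` rather than `==` for the new comparison.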
 
wppa.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  * Plugin Name: WP Photo Album Plus
4
  * Description: Easily manage and display your photo albums and slideshows within your WordPress site.
5
- * Version: 7.0.02.002
6
  * Author: J.N. Breetvelt a.k.a. OpaJaap
7
  * Author URI: http://wppa.opajaap.nl/
8
  * Plugin URI: http://wordpress.org/extend/plugins/wp-photo-album-plus/
@@ -22,8 +22,8 @@ global $wpdb;
22
  global $wp_version;
23
 
24
  /* WPPA GLOBALS */
25
- global $wppa_revno; $wppa_revno = '7002'; // WPPA db version
26
- global $wppa_api_version; $wppa_api_version = '7-0-02-002'; // WPPA software version
27
 
28
  /* start timers */
29
  global $wppa_starttime; $wppa_starttime = microtime( true );
2
  /*
3
  * Plugin Name: WP Photo Album Plus
4
  * Description: Easily manage and display your photo albums and slideshows within your WordPress site.
5
+ * Version: 7.0.03.006
6
  * Author: J.N. Breetvelt a.k.a. OpaJaap
7
  * Author URI: http://wppa.opajaap.nl/
8
  * Plugin URI: http://wordpress.org/extend/plugins/wp-photo-album-plus/
22
  global $wp_version;
23
 
24
  /* WPPA GLOBALS */
25
+ global $wppa_revno; $wppa_revno = '7003'; // WPPA db version
26
+ global $wppa_api_version; $wppa_api_version = '7-0-03-006'; // WPPA software version
27
 
28
  /* start timers */
29
  global $wppa_starttime; $wppa_starttime = microtime( true );