WP Photo Album Plus - Version 8.0.07.006

Version Description

= 8.0.07 =

This version addresses various bug fixes and security fixes.

Release Info

Developer	opajaap
Plugin	WP Photo Album Plus
Version	8.0.07.006
Comparing to
See all releases

Code changes from version 8.0.07.005 to 8.0.07.006

Files changed (8) hide show

changelog.txt +3 -1
wppa-ajax.php +10 -9
wppa-boxes-html.php +10 -2
wppa-common-functions.php +6 -1
wppa-input.php +34 -12
wppa-links.php +15 -3
wppa-utils.php +2 -1
wppa.php +2 -2

changelog.txt CHANGED Viewed

	@@ -6,7 +6,9 @@ WP Photo Album Plus Changelog
6	* Role specific upload limits did no longer work. Fixed.
7	* Popups on masonry thumbnails did not work when links on thumbnails differ from lightbox. Fixed.
8	* Rightclick on thumbnail or thumbnail popup allows you to open the link in a new tab, if No rightclick is not on.
9	- * ~~Yitle~~ of the QR widget was wrong and not editable. Fixed.


10
11	= 8.0.06 =
12


6	* Role specific upload limits did no longer work. Fixed.
7	* Popups on masonry thumbnails did not work when links on thumbnails differ from lightbox. Fixed.
8	* Rightclick on thumbnail or thumbnail popup allows you to open the link in a new tab, if No rightclick is not on.
9	+ * Title of the QR widget was wrong and not editable. Fixed.
10	+ * Linktypes 'The photos in the author9s) albums, slideshow' and 'All the authors photos, slideshow' for the BstOf widget/shortcode did not work. Fixed.
11	+ * Fixed issues caused by tags that contain single quotes.
12
13	= 8.0.06 =
14

wppa-ajax.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2	/* wppa-ajax.php
3	*
4	* Functions used in ajax requests
5	- * Version 8.0.07.~~005~~
6	*
7	*/
8
	@@ -1600,11 +1600,11 @@ global $wppa;
1600	break;
1601
1602	case 'update-album':
1603	- $album = wppa_get( 'album-id' );
1604	$nonce = wppa_get( 'nonce' );
1605	- $item = wppa_get( 'item' );
1606	- $value = wppa_get( 'value' );
1607	- $value = wppa_decode( $value );
1608
1609	if ( ! current_user_can( 'unfiltered_html' ) ) {
1610	$value = strip_tags( $value );
	@@ -1950,9 +1950,9 @@ global $wppa;
1950	wppa_clear_cache();
1951	wppa_exit();
1952	break;
1953	-
1954	case 'update-comment-status':
1955	- $photo = wppa_get( 'photo-id' );
1956	$nonce = wppa_get( 'nonce' );
1957	$comid = wppa_get( 'comment-id' );
1958	$comstat = wppa_get( 'comment-status' );
	@@ -1985,7 +1985,8 @@ global $wppa;
1985	}
1986	wppa_exit();
1987	break;
1988	-

1989	case 'watermark-photo':
1990	$photo = wppa_get( 'photo-id' );
1991	$nonce = wppa_get( 'nonce' );
	@@ -2010,7 +2011,7 @@ global $wppa;
2010	echo '\|\|1\|\|'.__( 'An error occurred while trying to apply a watermark' , 'wp-photo-album-plus');
2011	wppa_exit();
2012	}
2013	-
2014	/* START UPDATE PHOTO */
2015
2016	case 'update-photo':


2	/* wppa-ajax.php
3	*
4	* Functions used in ajax requests
5	+ * Version 8.0.07.006
6	*
7	*/
8

1600	break;
1601
1602	case 'update-album':
1603	+ $album = wppa_get( 'album-id', '0', 'int' );
1604	$nonce = wppa_get( 'nonce' );
1605	+ $item = wppa_get( 'item', '', 'text' );
1606	+ $value = wppa_get( 'value', '', 'text' );
1607	+ $value = wppa_decode( $value );
1608
1609	if ( ! current_user_can( 'unfiltered_html' ) ) {
1610	$value = strip_tags( $value );

1950	wppa_clear_cache();
1951	wppa_exit();
1952	break;
1953	+ /*
1954	case 'update-comment-status':
1955	+ $photo = wppa_get( 'photo-id', '0', 'int' );
1956	$nonce = wppa_get( 'nonce' );
1957	$comid = wppa_get( 'comment-id' );
1958	$comstat = wppa_get( 'comment-status' );

1985	}
1986	wppa_exit();
1987	break;
1988	+ */
1989	+ /*
1990	case 'watermark-photo':
1991	$photo = wppa_get( 'photo-id' );
1992	$nonce = wppa_get( 'nonce' );

2011	echo '\|\|1\|\|'.__( 'An error occurred while trying to apply a watermark' , 'wp-photo-album-plus');
2012	wppa_exit();
2013	}
2014	+ */
2015	/* START UPDATE PHOTO */
2016
2017	case 'update-photo':

wppa-boxes-html.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Package: wp-photo-album-plus
4	*
5	* Various wppa boxes
6	- * Version 8.0.07.~~005~~
7	*
8	*/
9
	@@ -5151,13 +5151,21 @@ function wppa_bestof_html( $args, $widget = true ) {
5151	$title = __( 'See the authors albums', 'wp-photo-album-plus');
5152	break;
5153	case 'ownerphotos':
5154	- $href = wppa_get_permalink( $page ).'wppa-cover=0&wppa-owner='.$data[$author]['owner'].'&photos-only&wppa-occur=1';
5155	$title = __( 'See the authors photos', 'wp-photo-album-plus');
5156	break;




5157	case 'upldrphotos':
5158	$href = wppa_get_permalink( $page ).'wppa-cover=0&wppa-upldr='.$data[$author]['owner'].'&wppa-occur=1';
5159	$title = __( 'See all the authors photos', 'wp-photo-album-plus');
5160	break;




5161	default:
5162	$href = '';
5163	$title = '';


3	* Package: wp-photo-album-plus
4	*
5	* Various wppa boxes
6	+ * Version 8.0.07.006
7	*
8	*/
9

5151	$title = __( 'See the authors albums', 'wp-photo-album-plus');
5152	break;
5153	case 'ownerphotos':
5154	+ $href = wppa_get_permalink( $page ).'wppa-cover=0&wppa-owner='.$data[$author]['owner'].'&photos-only=1&wppa-occur=1';
5155	$title = __( 'See the authors photos', 'wp-photo-album-plus');
5156	break;
5157	+ case 'ownerphotosslide':
5158	+ $href = wppa_get_permalink( $page ).'wppa-cover=0&wppa-owner='.$data[$author]['owner'].'&slide=1&wppa-occur=1';
5159	+ $title = __( 'See the authors photos in a slideshow', 'wp-photo-album-plus');
5160	+ break;
5161	case 'upldrphotos':
5162	$href = wppa_get_permalink( $page ).'wppa-cover=0&wppa-upldr='.$data[$author]['owner'].'&wppa-occur=1';
5163	$title = __( 'See all the authors photos', 'wp-photo-album-plus');
5164	break;
5165	+ case 'upldrphotosslide':
5166	+ $href = wppa_get_permalink( $page ).'wppa-cover=0&wppa-upldr='.$data[$author]['owner'].'&wppa-occur=1&slide=1';
5167	+ $title = __( 'See all the authors photos', 'wp-photo-album-plus');
5168	+ break;
5169	default:
5170	$href = '';
5171	$title = '';

wppa-common-functions.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2	/* wppa-common-functions.php
3	*
4	* Functions used in admin and in themes
5	- * Version 8.0.07.~~002~~
6	*
7	*/
8
	@@ -767,6 +767,11 @@ function wppa_dbg_msg( $txt = '', $color = 'blue', $force = false, $return = fal
767
768	if ( wppa( 'debug' ) \|\| $force \|\| ( is_admin() && WPPA_DEBUG ) \|\| ( WPPA_DEBUG && $color == 'red' ) ) {
769





770	if ( $force ) {
771	wppa_log( 'Err', 'Forced debug message: ' . sanitize_text_field( $txt ), true );
772	}


2	/* wppa-common-functions.php
3	*
4	* Functions used in admin and in themes
5	+ * Version 8.0.07.006
6	*
7	*/
8

767
768	if ( wppa( 'debug' ) \|\| $force \|\| ( is_admin() && WPPA_DEBUG ) \|\| ( WPPA_DEBUG && $color == 'red' ) ) {
769
770	+ $stack = debug_backtrace( DEBUG_BACKTRACE_IGNORE_ARGS, 5 );
771	+ $from = 'From : '.basename( $stack[0]['file'] ).' line: '.$stack[0]['line'].' in function '.$stack[1]['function'].
772	+ ' - '.$stack[2]['function'].' - '.$stack[3]['function'].' - '.$stack[4]['function'];
773	+ $txt .= ' '.$from;
774	+
775	if ( $force ) {
776	wppa_log( 'Err', 'Forced debug message: ' . sanitize_text_field( $txt ), true );
777	}

wppa-input.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Package: wp-photo-album-plus
4	*
5	* Contains functions for sanitizing and formatting user input
6	- * Version 8.0.07.~~005~~
7	*
8	*/
9
	@@ -204,6 +204,7 @@ function wppa_get_get_filter( $name ) {
204	case 'switchto':
205	case 'order_by':
206	case 'comname':

207	$result = 'text';
208	break;
209
	@@ -245,6 +246,9 @@ function wppa_get_get_filter( $name ) {
245	function wppa_get( $xname, $default = false, $filter = false ) {
246	global $wpdb;
247



248	// Ajax call?
249	if ( $xname == 'wppa-action' ) {
250	if ( isset( $_REQUEST['wppa-action'] ) ) {
	@@ -267,9 +271,16 @@ global $wpdb;
267	}
268
269	// Get the value
270	- ~~$value~~ ~~= isset~~( $~~_REQUEST[$~~name] ) ? ~~$_REQUEST[$name]~~ : ~~null;~~
271	- if ( ~~$value === null ) $value =~~ isset( $_REQUEST[$xname] ) ? ~~$_REQUEST[$xname] : null;~~
272	- ~~if (~~ $value ~~===~~ ~~null ) return~~ $~~default~~;







273
274	// Get the right filter
275	if ( ! $filter ) {
	@@ -297,6 +308,10 @@ global $wpdb;
297	$value[$i] = strval( intval( $value[$i] ) );
298	}
299	}




300	break;
301
302	case 'bool':
	@@ -347,11 +362,13 @@ global $wpdb;
347
348	case 'acrypt':
349	$result = trim( $value, '/' );
350	- if ( ~~get_option~~( ~~'wppa_use_album_names_in_urls',~~ ~~'no'~~ ) ~~== 'yes'~~ ) {
351	- ~~$result~~ = ~~wppa_decode_album~~( ~~$value~~ );
352	- }
353	- ~~else {~~
354	- ~~$result~~ ~~= wppa_decrypt_album( $value );~~


355	}
356	break;
357
	@@ -374,10 +391,15 @@ global $wpdb;
374	break;
375	}
376
377	- // $r = ~~is_array( $result ) ? var_export( $result, true ) : $result;~~
378	- ~~// $text = 'Query arg '.$xname.' requested. Raw data = '.$value.', filtered by '.$filter.', returned '.$r;~~
379	- // ~~wppa_log~~( ~~'obs'~~, ~~$text~~ );



380	// wppa_dump( $text );


381	return $result;
382	}
383


3	* Package: wp-photo-album-plus
4	*
5	* Contains functions for sanitizing and formatting user input
6	+ * Version 8.0.07.006
7	*
8	*/
9

204	case 'switchto':
205	case 'order_by':
206	case 'comname':
207	+ case 'value':
208	$result = 'text';
209	break;
210

246	function wppa_get( $xname, $default = false, $filter = false ) {
247	global $wpdb;
248
249	+ // Save orig xname for debug
250	+ $oxname = $xname;
251	+
252	// Ajax call?
253	if ( $xname == 'wppa-action' ) {
254	if ( isset( $_REQUEST['wppa-action'] ) ) {

271	}
272
273	// Get the value
274	+ if ( $name == 'page' ) { // Admin page is not the wppa pageno
275	+ if ( isset( $_REQUEST[$xname] ) ) {
276	+ $value = $_REQUEST[$xname];
277	+ }
278	+ }
279	+ else {
280	+ $value = isset( $_REQUEST[$name] ) ? $_REQUEST[$name] : null;
281	+ }
282	+ if ( ! isset( $value ) ) $value = isset( $_REQUEST[$xname] ) ? $_REQUEST[$xname] : null;
283	+ if ( ! isset( $value ) ) return $default;
284
285	// Get the right filter
286	if ( ! $filter ) {

308	$value[$i] = strval( intval( $value[$i] ) );
309	}
310	}
311	+ else {
312	+ $value = strval( intval( $value ) );
313	+ }
314	+ $result = $value;
315	break;
316
317	case 'bool':

362
363	case 'acrypt':
364	$result = trim( $value, '/' );
365	+ if ( ! wppa_is_int( $result ) ) {
366	+ if ( get_option( 'wppa_use_album_names_in_urls', 'no' ) == 'yes' ) {
367	+ $result = wppa_decode_album( $value );
368	+ }
369	+ else {
370	+ $result = wppa_decrypt_album( $value );
371	+ }
372	}
373	break;
374

391	break;
392	}
393
394	+ // Start debug
395	+
396	+ $stack = debug_backtrace( DEBUG_BACKTRACE_IGNORE_ARGS, 2 );
397	+ $from = 'From : '.basename( $stack[0]['file'] ).' line: '.$stack[0]['line'].' in function '.$stack[1]['function'];
398	+ $text = 'Query arg '.$oxname.' requested. Raw data = '.var_export($value, true).', filtered by '.$filter.', returned '.var_export( $result, true );//.' '.$from;
399	+ wppa_dbg_msg( $text, 'purple' );
400	// wppa_dump( $text );
401	+
402	+ // End debug
403	return $result;
404	}
405

wppa-links.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	*
5	* Frontend links
6
7	- * Version 8.0.07.~~005~~
8	*/
9
10	if ( ! defined( 'ABSPATH' ) ) die( "Can't load this file directly" );
	@@ -915,6 +915,8 @@ function wppa_numbers_to_names_in_uri( $xuri ) {
915	function wppa_convert_item_number_to_name_in_uri( $xuri, $what ) {
916	global $wpdb;
917


918	$uri = $xuri;
919
920	// Init $what specific
	@@ -962,10 +964,20 @@ global $wpdb;
962	if ( $id && wppa_is_int( $id ) ) {
963
964	if ( $what == 'album' ) {
965	- ~~$sname~~ = ~~wppa_get_album_item~~( $id, ~~'sname'~~ );





966	}
967	else {
968	- ~~$sname~~ = ~~wppa_get_photo_item~~( $id, ~~'sname'~~ );





969	}
970
971	// Backward compat: if no sname yet, create it


4	*
5	* Frontend links
6
7	+ * Version 8.0.07.006
8	*/
9
10	if ( ! defined( 'ABSPATH' ) ) die( "Can't load this file directly" );

915	function wppa_convert_item_number_to_name_in_uri( $xuri, $what ) {
916	global $wpdb;
917
918	+ // wppa_dbg_msg($xuri);
919	+
920	$uri = $xuri;
921
922	// Init $what specific

964	if ( $id && wppa_is_int( $id ) ) {
965
966	if ( $what == 'album' ) {
967	+ if ( wppa_album_exists( $id ) ) {
968	+ $sname = wppa_get_album_item( $id, 'sname' );
969	+ }
970	+ else {
971	+ return $uri;
972	+ }
973	}
974	else {
975	+ if ( wppa_photo_exists( $id ) ) {
976	+ $sname = wppa_get_photo_item( $id, 'sname' );
977	+ }
978	+ else {
979	+ return $uri;
980	+ }
981	}
982
983	// Backward compat: if no sname yet, create it

wppa-utils.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Package: wp-photo-album-plus
4	*
5	* Contains low-level utility routines
6	- * Version 8.0.07.~~005~~
7	*
8	*/
9
	@@ -5037,6 +5037,7 @@ static $level;
5037	}
5038	function _wppa_get_nesting_level( $id ) {
5039

5040	$alb = wppa_cache_album( $id );
5041	if ( is_array( $alb ) && $alb['a_parent'] > '0' ) {
5042	return _wppa_get_nesting_level( $alb['a_parent'] ) + '1';


3	* Package: wp-photo-album-plus
4	*
5	* Contains low-level utility routines
6	+ * Version 8.0.07.006
7	*
8	*/
9

5037	}
5038	function _wppa_get_nesting_level( $id ) {
5039
5040	+ if ( ! $id ) return '0';
5041	$alb = wppa_cache_album( $id );
5042	if ( is_array( $alb ) && $alb['a_parent'] > '0' ) {
5043	return _wppa_get_nesting_level( $alb['a_parent'] ) + '1';

wppa.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2	/*
3	* Plugin Name: WP Photo Album Plus
4	* Description: Easily manage and display your photo albums and slideshows within your WordPress site.
5	- * Version: 8.0.07.~~005~~
6	* Author: J.N. Breetvelt a.k.a. OpaJaap
7	* Author URI: http://wppa.opajaap.nl/
8	* Plugin URI: http://wordpress.org/extend/plugins/wp-photo-album-plus/
	@@ -24,7 +24,7 @@ global $wp_version;
24
25	/* WPPA GLOBALS */
26	global $wppa_api_version;
27	- $wppa_api_version = '8.0.07.~~005~~'; // WPPA software version
28	global $wppa_revno;
29	$wppa_revno = str_replace( '.', '', $wppa_api_version ); // WPPA db version
30


2	/*
3	* Plugin Name: WP Photo Album Plus
4	* Description: Easily manage and display your photo albums and slideshows within your WordPress site.
5	+ * Version: 8.0.07.006
6	* Author: J.N. Breetvelt a.k.a. OpaJaap
7	* Author URI: http://wppa.opajaap.nl/
8	* Plugin URI: http://wordpress.org/extend/plugins/wp-photo-album-plus/

24
25	/* WPPA GLOBALS */
26	global $wppa_api_version;
27	+ $wppa_api_version = '8.0.07.006'; // WPPA software version
28	global $wppa_revno;
29	$wppa_revno = str_replace( '.', '', $wppa_api_version ); // WPPA db version
30