WP Photo Album Plus - Version 8.0.07.007

Version Description

= 8.0.07 =

  • This version addresses various bug fixes and security fixes.
Download this release

Release Info

Developer opajaap
Plugin Icon wp plugin WP Photo Album Plus
Version 8.0.07.007
Comparing to
See all releases

Code changes from version 8.0.07.006 to 8.0.07.007

Files changed (12) hide show
  1. changelog.txt +2 -0
  2. wppa-ajax.php +2 -2
  3. wppa-boxes-html.php +31 -27
  4. wppa-encrypt.php +148 -123
  5. wppa-functions.php +35 -12
  6. wppa-input.php +3 -17
  7. wppa-statistics.php +35 -30
  8. wppa-stats-widget.php +8 -3
  9. wppa-styles.php +2 -2
  10. wppa-topten-widget.php +5 -4
  11. wppa-utils.php +9 -6
  12. wppa.php +2 -2
changelog.txt CHANGED
@@ -9,6 +9,8 @@ WP Photo Album Plus Changelog
9
  * Title of the QR widget was wrong and not editable. Fixed.
10
  * Linktypes 'The photos in the author9s) albums, slideshow' and 'All the authors photos, slideshow' for the BstOf widget/shortcode did not work. Fixed.
11
  * Fixed issues caused by tags that contain single quotes.
 
 
12
 
13
  = 8.0.06 =
14
 
9
  * Title of the QR widget was wrong and not editable. Fixed.
10
  * Linktypes 'The photos in the author9s) albums, slideshow' and 'All the authors photos, slideshow' for the BstOf widget/shortcode did not work. Fixed.
11
  * Fixed issues caused by tags that contain single quotes.
12
+ * Custom datafields could only be updated by users that had unfiltered_html capability. Fixed.
13
+ * One can no longer cache the stats widget, its useless.
14
 
15
  = 8.0.06 =
16
 
wppa-ajax.php CHANGED
@@ -2,7 +2,7 @@
2
  /* wppa-ajax.php
3
  *
4
  * Functions used in ajax requests
5
- * Version 8.0.07.006
6
  *
7
  */
8
 
@@ -1104,7 +1104,7 @@ global $wppa;
1104
  case 'bumpviewcount':
1105
  $nonce = wppa_get( 'nonce' );
1106
  if ( wp_verify_nonce( $nonce, 'wppa-check' ) ) {
1107
- wppa_bump_viewcount( 'photo', wppa_get( 'wppa-photo' ) );
1108
  }
1109
  else {
1110
  _e( 'Security check failure' , 'wp-photo-album-plus');
2
  /* wppa-ajax.php
3
  *
4
  * Functions used in ajax requests
5
+ * Version 8.0.07.007
6
  *
7
  */
8
 
1104
  case 'bumpviewcount':
1105
  $nonce = wppa_get( 'nonce' );
1106
  if ( wp_verify_nonce( $nonce, 'wppa-check' ) ) {
1107
+ wppa_bump_viewcount( 'photo', wppa_get( 'photo' ) );
1108
  }
1109
  else {
1110
  _e( 'Security check failure' , 'wp-photo-album-plus');
wppa-boxes-html.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various wppa boxes
6
- * Version 8.0.07.006
7
  *
8
  */
9
 
@@ -1707,43 +1707,47 @@ function wppa_get_multitag_html( $nperline = '2', $seltags = '' ) {
1707
  url += "&wppa-inv=1";
1708
  }
1709
  url += "&wppa-tag=";
1710
- ';
1711
-
1712
- if ( $or_only ) {
1713
- $result .= '
1714
- andor = "or";
1715
- sep = ";";
1716
  ';
1717
- }
1718
- else {
1719
- $result .= '
1720
- andor = "and";
1721
- sep = ",";
1722
- if ( document.getElementById( "andoror-' . $mocc . '" ).checked ) {
1723
  andor = "or";
1724
  sep = ";";
1725
- }';
1726
- }
1727
-
1728
- $selarr = $seltags ? explode( ',', $seltags ) : array();
1729
- if ( $tags ) foreach ( $tags as $tag ) {
1730
- if ( ! $seltags || in_array( $tag['tag'], $selarr ) ) {
1731
  $result .= '
1732
- if ( document.getElementById( "wppa-' . $mocc . '-' . str_replace( ' ', '_', $tag['tag'] ) . '" ).checked ) {
1733
- url+="' . urlencode( $tag['tag'] ) . '"+sep;
1734
- any = true;
 
 
1735
  }';
1736
  }
1737
- }
1738
 
1739
- $result .= '
1740
- if ( any ) document.location = url;
1741
- else alert ( "' . __( 'Please check the tag(s) that the photos must have', 'wp-photo-album-plus' ) . '" );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1742
  }
1743
  </script>
1744
  ';
1745
 
1746
- $qtag = wppa_get( 'tag' );
1747
  $andor = $or_only ? 'or' : 'and'; // default
1748
  if ( strpos( $qtag, ',' ) ) {
1749
  $querystringtags = explode( ',',wppa_get( 'tag' ) );
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various wppa boxes
6
+ * Version 8.0.07.007
7
  *
8
  */
9
 
1707
  url += "&wppa-inv=1";
1708
  }
1709
  url += "&wppa-tag=";
 
 
 
 
 
 
1710
  ';
1711
+
1712
+ if ( $or_only ) {
1713
+ $result .= '
 
 
 
1714
  andor = "or";
1715
  sep = ";";
1716
+ ';
1717
+ }
1718
+ else {
 
 
 
1719
  $result .= '
1720
+ andor = "and";
1721
+ sep = ",";
1722
+ if ( jQuery( "#andoror-' . $mocc . '" ).prop( "checked" ) ) {
1723
+ andor = "or";
1724
+ sep = ";";
1725
  }';
1726
  }
 
1727
 
1728
+ $selarr = $seltags ? explode( ',', $seltags ) : array();
1729
+ if ( $tags ) foreach ( $tags as $tag ) {
1730
+ if ( ! $seltags || in_array( $tag['tag'], $selarr ) ) {
1731
+ $result .= '
1732
+ if ( document.getElementById( "wppa-' . $mocc . '-' . str_replace( ' ', '_', $tag['tag'] ) . '" ).checked ) {
1733
+ url+="' . urlencode( $tag['tag'] ) . '"+sep;
1734
+ any = true;
1735
+ }';
1736
+ }
1737
+ }
1738
+
1739
+ $result .= '
1740
+ if ( any ) {
1741
+ document.location = url;
1742
+ }
1743
+ else {
1744
+ alert ( "' . __( 'Please check the tag(s) that the photos must have', 'wp-photo-album-plus' ) . '" );
1745
+ }
1746
  }
1747
  </script>
1748
  ';
1749
 
1750
+ $qtag = wppa_get( 'tag', '', 'text' );
1751
  $andor = $or_only ? 'or' : 'and'; // default
1752
  if ( strpos( $qtag, ',' ) ) {
1753
  $querystringtags = explode( ',',wppa_get( 'tag' ) );
wppa-encrypt.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all ecryption/decryption logic
6
- * Version 8.0.07.005
7
  *
8
  */
9
 
@@ -162,169 +162,194 @@ function wppa_encrypt_album( $album ) {
162
  return $result;
163
  }
164
 
165
- // Convert photo crypt to id
166
- function wppa_decrypt_photo( $photo, $report_error = true, $no_refuse = false ) {
167
  global $wpdb;
168
 
169
- // Fix js trick
170
- $photo = trim( $photo, '/' );
171
 
172
- // If enumeration, split
173
- if ( strpos( $photo, '.' ) !== false ) {
174
- $photos = explode( '.', $photo );
175
- foreach( array_keys( $photos ) as $key ) {
176
- if ( strlen( $photos[$key] ) ) {
177
- $photos[$key] = wppa_decrypt_photo( $photos[$key] );
178
- }
179
- }
180
- $id = implode( '.', $photos );
181
- return $id;
182
- }
183
 
184
- // Already decrypted?
185
- if ( strlen( $photo ) < 12 ) {
186
- if ( wppa_switch( 'refuse_unencrypted' ) && ! $no_refuse ) {
187
- wppa_dbg_msg( 'Invalid photo identifier (1): ' . $photo, 'red', 'force' );
188
- wppa_log( 'war', 'Could not decrypt photo (1): ' . $photo, true );
189
- return false;
 
 
 
 
 
 
 
190
  }
191
- return intval( $photo );
192
  }
193
 
194
- // Just do it
195
- $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_photos WHERE crypt = %s", substr( $photo, 0, 12 ) ) );
196
- if ( ! $id ) {
197
- if ( $report_error ) {
198
- wppa_dbg_msg( 'Invalid photo identifier (2): ' . $photo, 'red', 'force' );
199
- wppa_log( 'war', 'Could not decrypt photo (2): ' . $photo, true );
200
- }
201
  }
202
 
203
- return $id;
 
204
  }
205
-
206
- // Photo name to id. One only because of possible . in name or try to expand enum
207
- function wppa_decode_photo( $photo ) {
208
  global $wpdb;
 
 
209
 
210
- // Fix js trick
211
- $photo = trim( $photo, '/' );
212
-
213
- // Already decoded?
214
- if ( wppa_is_int( $photo ) ) {
215
 
216
- return $photo;
217
- }
 
218
 
219
- // Just do it
220
- $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_photos WHERE sname = %s", $photo ) );
221
- if ( $id === null ) {
 
 
 
 
 
 
 
222
 
223
- // Maybe an enumeration
224
- $photo = wppa_expand_enum( $photo );
225
  }
 
 
226
  else {
227
- $photo = $id;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
228
  }
229
 
230
- return $photo;
 
231
  }
232
 
233
- // Convert album crypt to id
234
- function wppa_decrypt_album( $album, $dummy = true, $no_refuse = false ) {
235
  global $wpdb;
236
 
237
- // Decompose possible album enumeration
238
- $album_crypts = explode( '.', $album );
239
- $album_ids = array();
240
- $i = 0;
241
 
242
- // Process all tokens
243
- while ( $i < count( $album_crypts ) ) {
244
- $crypt = $album_crypts[$i];
245
- if ( ! $crypt ) {
246
- $id = '';
247
- }
248
- elseif ( $crypt == wppa_get_option( 'wppa_album_crypt_9', false ) ) {
249
- $id = '999999';
250
- }
251
- elseif ( $crypt == wppa_get_option( 'wppa_album_crypt_0', false ) ) {
252
- $id = '0';
253
- }
254
- elseif ( $crypt == wppa_get_option( 'wppa_album_crypt_1', false ) ) {
255
- $id = '-1';
256
- }
257
- elseif ( $crypt == wppa_get_option( 'wppa_album_crypt_2', false ) ) {
258
- $id = '-2';
259
- }
260
- elseif ( $crypt == wppa_get_option( 'wppa_album_crypt_3', false ) ) {
261
- $id = '-3';
262
- }
263
- else {
264
 
265
- // Already decrypted?
266
- if ( strlen( $crypt ) < 12 ) {
267
- $id = $crypt;
268
- if ( wppa_switch( 'refuse_unencrypted' ) && ! $no_refuse ) {
269
- wppa_dbg_msg( __('Invalid album identifier:', 'wp-photo-album-plus') . ' ' . $id, 'red' );
270
- wppa_log( 'dbg', 'Decrypted album foud wppa_decrypt_album(). id=' . $id, true );
271
- $id = '-9';
272
- }
273
- else {
274
- return $album; // Assume everything already decrypted, return original
275
- }
276
- }
277
 
278
- // Just do it
279
- else {
280
- $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_albums WHERE crypt = %s", substr( $crypt, 0, 12 ) ) );
281
- if ( ! $id ) {
282
- wppa_log( 'war', 'Could not decrypt album: ' . $crypt . ' found in: ' . $album . ' (wppa_decrypt_album)' );
283
- $id = '-9';
284
- }
285
- }
 
 
286
  }
287
- $album_ids[$i] = $id;
288
- $i++;
289
  }
290
 
291
- // Compose result
292
- $result = implode( '.', $album_ids );
293
-
294
- // Remove not found/deleted albums
295
- $result = str_replace( '..-9', '', $result );
296
- $result = str_replace( '.-9', '', $result );
297
- $result = str_replace( '-9..', '', $result );
298
- $result = str_replace( '-9.', '', $result );
299
 
 
300
  return $result;
301
  }
302
-
303
- // Album name to id. One only because of possible . in name or try to expand enum
304
- function wppa_decode_album( $album ) {
305
  global $wpdb;
 
 
306
 
307
- // Fix js trick
308
- $album = trim( $album, '/' );
309
 
310
- // Already decoded?
311
- if ( wppa_is_int( $album ) ) {
 
312
 
313
- return $album;
314
- }
315
-
316
- // Just do it
317
- $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_albums WHERE sname = %s", $album ) );
318
- if ( $id === null ) {
 
 
 
 
319
 
320
- // Maybe an enumeration
321
- $album = wppa_expand_enum( $album );
322
  }
 
 
323
  else {
324
- $album = $id;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
325
  }
326
 
327
- return $album;
 
328
  }
329
 
330
  // Encrypt a full url
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains all ecryption/decryption logic
6
+ * Version 8.0.07.007
7
  *
8
  */
9
 
162
  return $result;
163
  }
164
 
165
+ // Decrypt or find photo is(s) from names in urls
166
+ function wppa_decode_photo( $photo ) {
167
  global $wpdb;
168
 
169
+ // Init
170
+ $result = false;
171
 
172
+ // If not mandatoty cryptic, try anything else first
173
+ if ( ! wppa_switch( 'refuse_unencrypted' ) ) {
 
 
 
 
 
 
 
 
 
174
 
175
+ // Leave '', '0' and false untouched
176
+ if ( ! $photo ) return $photo;
177
+
178
+ // Leave any single integer string untouched
179
+ elseif ( wppa_is_int( $photo ) ) return $photo;
180
+
181
+ // Leave an enumeration of integers untouched
182
+ elseif ( wppa_is_enum( $photo ) ) return $photo;
183
+
184
+ // Try a single photoname. Can not be an enumeration because names may contain dots
185
+ $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_photos WHERE sname = %s LIMIT 1", $photo ) );
186
+ if ( $id ) {
187
+ $result = $id;
188
  }
 
189
  }
190
 
191
+ // Nothing yet, go for (enumeration of) cryptic
192
+ if ( ! $result ) {
193
+ $result = trim( _wppa_decode_photo( $photo ), '.' );
 
 
 
 
194
  }
195
 
196
+ // Done
197
+ return $result;
198
  }
199
+ function _wppa_decode_photo( $photo ) {
 
 
200
  global $wpdb;
201
+ static $cache;
202
+ static $hits;
203
 
204
+ // Check for non numeric enum
205
+ if ( $photo && strpos( $photo, '.' ) !== false ) {
 
 
 
206
 
207
+ $result = '';
208
+ $parray = explode( '.', $photo );
209
+ foreach( $parray as $p ) {
210
 
211
+ if ( $p == '' ) {
212
+ $result .= '.';
213
+ }
214
+ else {
215
+ $id = _wppa_decode_photo( $p );
216
+ if ( $id !== false ) {
217
+ $result .= $id . '.';
218
+ }
219
+ }
220
+ }
221
 
222
+ return $result;
 
223
  }
224
+
225
+ // Single item
226
  else {
227
+
228
+ // Init cache
229
+ if ( ! $cache ) {
230
+ $cache = array();
231
+ $hits = 0;
232
+ }
233
+
234
+ // Look in cache
235
+ if ( isset( $cache[$photo] ) ) {
236
+ $hits++;
237
+ return $cache[$photo];
238
+ }
239
+
240
+ // Phase 1: check encryption
241
+ $p = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_photos WHERE crypt = %s", $photo ) );
242
+ if ( $p ) {
243
+ $result = $p;
244
+ wppa_dump("Found photo $photo is number $p hits = $hits");
245
+ $cache[$photo] = $p;
246
+ return $result;
247
+ }
248
+ else {
249
+ wppa_dump("Not found photo $photo");
250
+ return false;
251
+ }
252
  }
253
 
254
+ // Done
255
+ return false;
256
  }
257
 
258
+ // Album name to id. One only because of possible . in name or try to expand enum
259
+ function wppa_decode_album( $album ) {
260
  global $wpdb;
261
 
262
+ // Init
263
+ $result = false;
 
 
264
 
265
+ // If not mandatoty cryptic, try anything else first
266
+ if ( ! wppa_switch( 'refuse_unencrypted' ) ) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
267
 
268
+ // Leave '', '0' and false untouched
269
+ if ( ! $album ) return $album;
 
 
 
 
 
 
 
 
 
 
270
 
271
+ // Leave any single integer string untouched
272
+ elseif ( wppa_is_int( $album ) ) return $album;
273
+
274
+ // Leave an enumeration of integers untouched
275
+ elseif ( wppa_is_enum( $album ) ) return $album;
276
+
277
+ // Try a single albumname. Can not be an enumeration because names may contain dots
278
+ $id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_albums WHERE sname = %s LIMIT 1", $album ) );
279
+ if ( $id ) {
280
+ $result = $id;
281
  }
 
 
282
  }
283
 
284
+ // Nothing yet, go for (enumeration of) cryptic
285
+ if ( ! $result ) {
286
+ $result = trim( _wppa_decode_album( $album ), '.' );
287
+ }
 
 
 
 
288
 
289
+ // Done
290
  return $result;
291
  }
292
+ function _wppa_decode_album( $album ) {
 
 
293
  global $wpdb;
294
+ static $cache;
295
+ static $hits;
296
 
297
+ // Check for non numeric enum
298
+ if ( $album && strpos( $album, '.' ) !== false ) {
299
 
300
+ $result = '';
301
+ $aarray = explode( '.', $album );
302
+ foreach( $aarray as $a ) {
303
 
304
+ if ( $a == '' ) {
305
+ $result .= '.';
306
+ }
307
+ else {
308
+ $id = _wppa_decode_album( $a );
309
+ if ( $id !== false ) {
310
+ $result .= $id . '.';
311
+ }
312
+ }
313
+ }
314
 
315
+ return $result;
 
316
  }
317
+
318
+ // Single item
319
  else {
320
+
321
+ // Init cache
322
+ if ( ! $cache ) {
323
+ $cache = array();
324
+ $cache[wppa_get_option( 'wppa_album_crypt_9' )] = false;
325
+ $cache[wppa_get_option( 'wppa_album_crypt_0' )] = '0';
326
+ $cache[wppa_get_option( 'wppa_album_crypt_1' )] = '-1';
327
+ $cache[wppa_get_option( 'wppa_album_crypt_2' )] = '-2';
328
+ $cache[wppa_get_option( 'wppa_album_crypt_3' )] = '-3';
329
+ }
330
+
331
+ // Look in cache
332
+ if ( isset( $cache[$album] ) ) {
333
+ $hits++;
334
+ return $cache[$album];
335
+ }
336
+
337
+ // Phase 1: check encryption
338
+ $a = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->wppa_albums WHERE crypt = %s", $album ) );
339
+ if ( $a ) {
340
+ $result = $a;
341
+ wppa_dump("Found album $album is number $a hits = $hits");
342
+ $cache[$album] = $a;
343
+ return $result;
344
+ }
345
+ else {
346
+ wppa_dump("Not found album $album");
347
+ return false;
348
+ }
349
  }
350
 
351
+ // Done
352
+ return false;
353
  }
354
 
355
  // Encrypt a full url
wppa-functions.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various functions
6
- * Version 8.0.07.005
7
  *
8
  */
9
 
@@ -140,7 +140,7 @@ global $wppa_current_shortcode_atts;
140
  }
141
  }
142
  else {
143
- wppa( 'is_tag', trim( strip_tags( wppa_get( 'tag' ) ), ',;' ) );
144
  }
145
 
146
  if ( wppa( 'is_related' ) == 'desc' ) {
@@ -697,20 +697,34 @@ global $wppa_current_shortcode_atts;
697
  }
698
  }
699
 
700
- // See if the album id is a name and convert it if possible
701
- wppa( 'start_album', wppa_album_name_to_number( wppa( 'start_album' ), true ) );
702
- if ( wppa( 'start_album' ) === false ) {
703
- wppa_reset_occurrance();
704
- return;
 
 
 
 
 
 
 
 
 
705
  }
706
 
707
  // Also for parents
708
- wppa( 'last_albums_parent', wppa_album_name_to_number( wppa( 'last_albums_parent' ) ) );
709
- if ( wppa( 'last_albums_parent' ) === false ) {
710
- wppa_reset_occurrance();
711
- return;
 
 
 
 
 
712
  }
713
-
714
  // Check if album is valid
715
  if ( strpos( wppa( 'start_album' ), '.' ) !== false ) { // Album may be enum
716
  if ( ! wppa_series_to_array( wppa( 'start_album' ) ) ) { // Syntax error
@@ -1346,6 +1360,7 @@ global $wppa_session;
1346
 
1347
  // Start photos given?
1348
  if ( wppa( 'start_photos' ) ) {
 
1349
  $photos = wppa_expand_enum( wppa( 'start_photos' ) );
1350
  $ids = explode( '.', $photos );
1351
  $ids = array_diff( $ids, wppa_get_void_pids() );
@@ -2432,6 +2447,14 @@ function wppa_extended_duplicate_remove( &$thumbs ) {
2432
 
2433
  // Check for duplicate
2434
  $temp = wppa_array_sort( $thumbs, 'name' );
 
 
 
 
 
 
 
 
2435
  $i = 0;
2436
  $j = count( $temp ) - 1;
2437
  while ( $i < $j ) {
3
  * Package: wp-photo-album-plus
4
  *
5
  * Various functions
6
+ * Version 8.0.07.007
7
  *
8
  */
9
 
140
  }
141
  }
142
  else {
143
+ wppa( 'is_tag', trim( strip_tags( wppa_get( 'tag', '', 'text' ) ), ',;' ) );
144
  }
145
 
146
  if ( wppa( 'is_related' ) == 'desc' ) {
697
  }
698
  }
699
 
700
+ /*
701
+ // See if the album id is a name or a crypt and convert it if possible
702
+ $a = wppa( 'start_album' );
703
+ if ( ! wppa_is_int( $a ) ) {
704
+
705
+ wppa_dump( 'Start album = ' . $a );
706
+
707
+ if ( wppa_switch( 'use_album_names_in_urls' ) ) {
708
+ $a = wppa_decode_album( $a );
709
+ }
710
+ else {
711
+ $a = wppa_decrypt_album( $a );
712
+ }
713
+ wppa( 'start_album', $a );
714
  }
715
 
716
  // Also for parents
717
+ $p = wppa( 'last_albums_parent' );
718
+ if ( ! wppa_is_int( $p ) ) {
719
+ if ( wppa_switch( 'use_album_names_in_urls' ) ) {
720
+ $p = wppa_decode_album( $p );
721
+ }
722
+ else {
723
+ $p = wppa_decrypt_album( $p );
724
+ }
725
+ wppa( 'last_albums_parent', $p );
726
  }
727
+ */
728
  // Check if album is valid
729
  if ( strpos( wppa( 'start_album' ), '.' ) !== false ) { // Album may be enum
730
  if ( ! wppa_series_to_array( wppa( 'start_album' ) ) ) { // Syntax error
1360
 
1361
  // Start photos given?
1362
  if ( wppa( 'start_photos' ) ) {
1363
+
1364
  $photos = wppa_expand_enum( wppa( 'start_photos' ) );
1365
  $ids = explode( '.', $photos );
1366
  $ids = array_diff( $ids, wppa_get_void_pids() );
2447
 
2448
  // Check for duplicate
2449
  $temp = wppa_array_sort( $thumbs, 'name' );
2450
+
2451
+ // Make indices sequential
2452
+ $temp1 = $temp;
2453
+ $temp = array();
2454
+ foreach ( array_keys( $temp1 ) as $key ) {
2455
+ $temp[] = $temp1[$key];
2456
+ }
2457
+
2458
  $i = 0;
2459
  $j = count( $temp ) - 1;
2460
  while ( $i < $j ) {
wppa-input.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains functions for sanitizing and formatting user input
6
- * Version 8.0.07.006
7
  *
8
  */
9
 
@@ -351,25 +351,11 @@ global $wpdb;
351
  break;
352
 
353
  case 'pcrypt':
354
- $result = trim( $value, '/' );
355
- if ( get_option( 'wppa_use_photo_names_in_urls', 'no' ) == 'yes' ) {
356
- $result = wppa_decode_photo( $value );
357
- }
358
- else {
359
- $result = wppa_decrypt_photo( $value );
360
- }
361
  break;
362
 
363
  case 'acrypt':
364
- $result = trim( $value, '/' );
365
- if ( ! wppa_is_int( $result ) ) {
366
- if ( get_option( 'wppa_use_album_names_in_urls', 'no' ) == 'yes' ) {
367
- $result = wppa_decode_album( $value );
368
- }
369
- else {
370
- $result = wppa_decrypt_album( $value );
371
- }
372
- }
373
  break;
374
 
375
  case 'email':
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains functions for sanitizing and formatting user input
6
+ * Version 8.0.07.007
7
  *
8
  */
9
 
351
  break;
352
 
353
  case 'pcrypt':
354
+ $result = wppa_decode_photo( trim( $value, '/' ) );
 
 
 
 
 
 
355
  break;
356
 
357
  case 'acrypt':
358
+ $result = wppa_decode_album( trim( $value, '/' ) );
 
 
 
 
 
 
 
 
359
  break;
360
 
361
  case 'email':
wppa-statistics.php CHANGED
@@ -4,7 +4,7 @@
4
  *
5
  * Functions for counts etc
6
  * Common use front and admin
7
- * Version 8.0.00.019
8
  *
9
  */
10
 
@@ -232,39 +232,47 @@ function wppa_bump_viewcount( $type, $id ) {
232
  global $wpdb;
233
  global $wppa_session;
234
 
 
235
  if ( ! wppa_switch( 'track_viewcounts') ) return;
236
 
237
- if ( $type != 'album' && $type != 'photo' ) die ( 'Illegal $type in wppa_bump_viewcount: '.$type);
238
- if ( $type == 'album' ) {
239
- if ( strlen( $id ) == 12 ) {
240
- $id = wppa_decrypt_album( $id );
241
- }
242
  }
243
- else {
244
- if ( strlen( $id ) == 12 ) {
245
- $id = wppa_decrypt_photo( $id );
246
- }
247
  }
248
 
249
- if ( $id < '1' ) return; // Not a wppa image
250
- if ( ! wppa_is_int( $id ) ) return; // Not an integer
251
-
252
- if ( ! isset($wppa_session[$type]) ) {
253
  $wppa_session[$type] = array();
254
  }
255
- if ( ! isset($wppa_session[$type][$id] ) ) { // This one not yet bumped for this ip/browser session
256
- $wppa_session[$type][$id] = true; // Mark as viewed
257
- if ( $type == 'album' ) {
258
- $count = $wpdb->get_var( $wpdb->prepare( "SELECT views FROM $wpdb->wppa_albums WHERE id = %d", $id ) );
259
- $count++;
260
- $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->wppa_albums SET views = %d WHERE id = %d", $count, $id ) );
261
- // wppa_log( 'dbg', 'Bumped viewcount for album ' . $id . ' to ' . $count );
262
- }
263
- else {
264
- $count = $wpdb->get_var( $wpdb->prepare( "SELECT views FROM $wpdb->wppa_photos WHERE id = %d", $id ) );
265
- $count++;
266
- $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->wppa_photos SET views = %d WHERE id = %d", $count, $id ) );
267
- // wppa_log( 'dbg', 'Bumped viewcount for photo ' . $id . ' to ' . $count );
 
 
 
 
 
 
 
 
 
 
 
268
  }
269
 
270
  // If 'wppa_owner_to_name'
@@ -278,9 +286,6 @@ global $wppa_session;
278
  wppa_mark_treecounts( $alb );
279
  }
280
  }
281
- else {
282
- // wppa_log( 'dbg', 'Viewcount not bumped for ' . $type . ' nr ' . $id . ', duplicate.' );
283
- }
284
  }
285
 
286
  function wppa_get_upldr_cache() {
4
  *
5
  * Functions for counts etc
6
  * Common use front and admin
7
+ * Version 8.0.07.007
8
  *
9
  */
10
 
232
  global $wpdb;
233
  global $wppa_session;
234
 
235
+ // Feature enabled?
236
  if ( ! wppa_switch( 'track_viewcounts') ) return;
237
 
238
+ // Validate args
239
+ if ( ! wppa_is_int( $id ) ) {
240
+ wppa_log( 'err', 'Non numeric id: ' . $id . ' of type ' . $type . ' found in wppa_bump_viewcount()' );
241
+ return;
 
242
  }
243
+ if ( ! in_array( $type, array( 'album', 'photo' ) ) ) {
244
+ wppa_log( 'err', 'Unimplemented type: ' . $type . ' with id ' . $id . ' found in wppa_bump_viewcount()' );
245
+ return;
 
246
  }
247
 
248
+ // Init session for this if not yet done
249
+ if ( ! isset( $wppa_session[$type] ) ) {
 
 
250
  $wppa_session[$type] = array();
251
  }
252
+
253
+ // This one not bumped yet this session?
254
+ if ( ! isset($wppa_session[$type][$id] ) ) {
255
+
256
+ // Mark as viewed
257
+ $wppa_session[$type][$id] = true;
258
+
259
+ // Dispatch on type
260
+ switch( $type ) {
261
+
262
+ case 'album':
263
+ $count = $wpdb->get_var( $wpdb->prepare( "SELECT views FROM $wpdb->wppa_albums WHERE id = %d", $id ) );
264
+ $count++;
265
+ $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->wppa_albums SET views = %d WHERE id = %d", $count, $id ) );
266
+ break;
267
+
268
+ case 'photo':
269
+ $count = $wpdb->get_var( $wpdb->prepare( "SELECT views FROM $wpdb->wppa_photos WHERE id = %d", $id ) );
270
+ $count++;
271
+ $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->wppa_photos SET views = %d WHERE id = %d", $count, $id ) );
272
+ break;
273
+
274
+ default:
275
+ break;
276
  }
277
 
278
  // If 'wppa_owner_to_name'
286
  wppa_mark_treecounts( $alb );
287
  }
288
  }
 
 
 
289
  }
290
 
291
  function wppa_get_upldr_cache() {
wppa-stats-widget.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * display the stats widget
6
- * Version 8.0.04.005
7
  *
8
  */
9
  class WppaStatsWidget extends WP_Widget {
@@ -35,6 +35,8 @@ class WppaStatsWidget extends WP_Widget {
35
  return;
36
  }
37
 
 
 
38
  // Cache?
39
  if ( $cache && wppa_is_file( $cachefile ) ) {
40
  echo wppa_get_contents( $cachefile );
@@ -43,6 +45,7 @@ class WppaStatsWidget extends WP_Widget {
43
  wppa( 'in_widget', false );
44
  return;
45
  }
 
46
 
47
  // Make the widget content
48
  if ( wppa_checked( $instance['ip'] ) ) {
@@ -144,11 +147,13 @@ class WppaStatsWidget extends WP_Widget {
144
  echo wppa_compress_html( $result );
145
  echo wppa_widget_timer( 'show', $widget_title );
146
 
 
147
  // Cache?
148
  if ( $cache ) {
149
  wppa_put_contents( $cachefile, $result );
150
  update_option( 'wppa_cache_misses', get_option( 'wppa_cache_misses', 0 ) +1 );
151
  }
 
152
 
153
  wppa( 'in_widget', false );
154
  }
@@ -303,8 +308,8 @@ class WppaStatsWidget extends WP_Widget {
303
  );
304
 
305
  // Cache
306
- echo
307
- wppa_widget_checkbox( $this, 'cache', $instance['cache'], __( 'Cache this widget', 'wp-photo-album-plus' ) );
308
 
309
  }
310
 
3
  * Package: wp-photo-album-plus
4
  *
5
  * display the stats widget
6
+ * Version 8.0.07.007
7
  *
8
  */
9
  class WppaStatsWidget extends WP_Widget {
35
  return;
36
  }
37
 
38
+ /* Can not cache this widget */
39
+ /*
40
  // Cache?
41
  if ( $cache && wppa_is_file( $cachefile ) ) {
42
  echo wppa_get_contents( $cachefile );
45
  wppa( 'in_widget', false );
46
  return;
47
  }
48
+ */
49
 
50
  // Make the widget content
51
  if ( wppa_checked( $instance['ip'] ) ) {
147
  echo wppa_compress_html( $result );
148
  echo wppa_widget_timer( 'show', $widget_title );
149
 
150
+ /*
151
  // Cache?
152
  if ( $cache ) {
153
  wppa_put_contents( $cachefile, $result );
154
  update_option( 'wppa_cache_misses', get_option( 'wppa_cache_misses', 0 ) +1 );
155
  }
156
+ */
157
 
158
  wppa( 'in_widget', false );
159
  }
308
  );
309
 
310
  // Cache
311
+ // echo
312
+ // wppa_widget_checkbox( $this, 'cache', $instance['cache'], __( 'Cache this widget', 'wp-photo-album-plus' ) );
313
 
314
  }
315
 
wppa-styles.php CHANGED
@@ -3,7 +3,7 @@
3
  /* Package: wp-photo-album-plus
4
  /*
5
  /* Various style computation routines
6
- /* Version 8.0.07.001
7
  /*
8
  */
9
 
@@ -257,7 +257,7 @@ function wppa_get_imgstyle_a( $id, $file, $xmax_size, $xvalign = '', $type = ''
257
  case 'twthumb': // Thumbnail widget
258
  case 'ltthumb': // Lasten widget
259
  case 'albthumb': // Album widget
260
- if ( $type == 'thumb' && wppa_get( 'hilite' ) && wppa_decrypt_photo( wppa_get( 'hilite' ) ) == $id ) {
261
  $result['style'] .= ' border:3px solid orange;box-sizing:border-box;';
262
  }
263
  else {
3
  /* Package: wp-photo-album-plus
4
  /*
5
  /* Various style computation routines
6
+ /* Version 8.0.07.007
7
  /*
8
  */
9
 
257
  case 'twthumb': // Thumbnail widget
258
  case 'ltthumb': // Lasten widget
259
  case 'albthumb': // Album widget
260
+ if ( $type == 'thumb' && wppa_get( 'hilite' ) && wppa_get( 'hilite' ) == $id ) {
261
  $result['style'] .= ' border:3px solid orange;box-sizing:border-box;';
262
  }
263
  else {
wppa-topten-widget.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * display the top rated photos
6
- * Version 8.0.07.004
7
  */
8
 
9
  class TopTenWidget extends WP_Widget {
@@ -121,12 +121,13 @@ class TopTenWidget extends WP_Widget {
121
 
122
  // Including subalbums?
123
  if ( $includesubs ) {
124
- $albenum = wppa_alb_to_enum_children( $album );
125
- $albenum = wppa_expand_enum( $albenum );
 
126
  $album = str_replace( '.', ',', $albenum );
127
  }
128
 
129
- $albums = implode( ',', array_diff( explode( ',', $albums ), wppa_get_void_aids() ) );
130
 
131
  // Doit
132
  if ( $medalsonly ) {
3
  * Package: wp-photo-album-plus
4
  *
5
  * display the top rated photos
6
+ * Version 8.0.07.007
7
  */
8
 
9
  class TopTenWidget extends WP_Widget {
121
 
122
  // Including subalbums?
123
  if ( $includesubs ) {
124
+ $albenum = wppa_expand_enum( $album );
125
+ $albenum = wppa_alb_to_enum_children( $albenum );
126
+
127
  $album = str_replace( '.', ',', $albenum );
128
  }
129
 
130
+ $album = implode( ',', array_diff( explode( ',', $album ), wppa_get_void_aids() ) );
131
 
132
  // Doit
133
  if ( $medalsonly ) {
wppa-utils.php CHANGED
@@ -3,7 +3,7 @@
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains low-level utility routines
6
- * Version 8.0.07.006
7
  *
8
  */
9
 
@@ -1062,9 +1062,7 @@ function wppa_vfy_arg( $arg, $txt = false ) {
1062
  else {
1063
  $reason = ( defined( 'WP_DEBUG' ) && WP_DEBUG ) ? ': ' . $arg . ' is not numeric, its '.wppa_get( $arg ) : '';
1064
  $value = wppa_get( $arg );
1065
- // if ( $arg == 'photo-id' ) {
1066
- // $value = wppa_decrypt_photo( trim( $value. '/' ), false, true );
1067
- // }
1068
  if ( ! is_numeric( $value ) ) {
1069
  wp_die( 'Security check failue ' . $reason );
1070
  }
@@ -3347,7 +3345,7 @@ function wppa_exit() {
3347
  function wppa_sanitize_custom_field( $txt ) {
3348
 
3349
  if ( ! current_user_can( 'unfiltered_html' ) ) {
3350
- $result = strip_tags( $result );
3351
  }
3352
  else {
3353
  $result = balanceTags( $txt );
@@ -4790,12 +4788,17 @@ function wppa_is_divisible( $t, $n ) {
4790
 
4791
  function wppa_dump( $txt = '' ) {
4792
 
 
 
 
4793
  // Init
4794
  $file = dirname( __FILE__ ) . '/wppa-dump.txt';
4795
 
 
 
4796
  if ( $txt ) {
4797
  if ( wppa_is_file( $file ) ) {
4798
- $txt = wppa_get_contents( $file ) . "\n" . $txt;
4799
  }
4800
  wppa_put_contents( $file, $txt );
4801
  }
3
  * Package: wp-photo-album-plus
4
  *
5
  * Contains low-level utility routines
6
+ * Version 8.0.07.007
7
  *
8
  */
9
 
1062
  else {
1063
  $reason = ( defined( 'WP_DEBUG' ) && WP_DEBUG ) ? ': ' . $arg . ' is not numeric, its '.wppa_get( $arg ) : '';
1064
  $value = wppa_get( $arg );
1065
+
 
 
1066
  if ( ! is_numeric( $value ) ) {
1067
  wp_die( 'Security check failue ' . $reason );
1068
  }
3345
  function wppa_sanitize_custom_field( $txt ) {
3346
 
3347
  if ( ! current_user_can( 'unfiltered_html' ) ) {
3348
+ $result = strip_tags( $txt );
3349
  }
3350
  else {
3351
  $result = balanceTags( $txt );
4788
 
4789
  function wppa_dump( $txt = '' ) {
4790
 
4791
+ if ( ! wppa_switch( 'allow_debug' ) ) return;
4792
+ if ( ! is_writable( dirname( __FILE__ ) ) ) return;
4793
+
4794
  // Init
4795
  $file = dirname( __FILE__ ) . '/wppa-dump.txt';
4796
 
4797
+ $who = wppa_get_user( 'login' );
4798
+
4799
  if ( $txt ) {
4800
  if ( wppa_is_file( $file ) ) {
4801
+ $txt = wppa_get_contents( $file ) . "\n" . $who . ' ' . $txt;
4802
  }
4803
  wppa_put_contents( $file, $txt );
4804
  }
wppa.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  * Plugin Name: WP Photo Album Plus
4
  * Description: Easily manage and display your photo albums and slideshows within your WordPress site.
5
- * Version: 8.0.07.006
6
  * Author: J.N. Breetvelt a.k.a. OpaJaap
7
  * Author URI: http://wppa.opajaap.nl/
8
  * Plugin URI: http://wordpress.org/extend/plugins/wp-photo-album-plus/
@@ -24,7 +24,7 @@ global $wp_version;
24
 
25
  /* WPPA GLOBALS */
26
  global $wppa_api_version;
27
- $wppa_api_version = '8.0.07.006'; // WPPA software version
28
  global $wppa_revno;
29
  $wppa_revno = str_replace( '.', '', $wppa_api_version ); // WPPA db version
30
 
2
  /*
3
  * Plugin Name: WP Photo Album Plus
4
  * Description: Easily manage and display your photo albums and slideshows within your WordPress site.
5
+ * Version: 8.0.07.007
6
  * Author: J.N. Breetvelt a.k.a. OpaJaap
7
  * Author URI: http://wppa.opajaap.nl/
8
  * Plugin URI: http://wordpress.org/extend/plugins/wp-photo-album-plus/
24
 
25
  /* WPPA GLOBALS */
26
  global $wppa_api_version;
27
+ $wppa_api_version = '8.0.07.007'; // WPPA software version
28
  global $wppa_revno;
29
  $wppa_revno = str_replace( '.', '', $wppa_api_version ); // WPPA db version
30