adam/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-06-02 04:15:05 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,334 Commits 33 Branches 209 Tags
72ba6771b69b32c27872cd7c97b8f094a11f8a04
Commit Graph

10334 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierrick Le Gall 72ba6771b6 fix image src for issue example 2020-04-15 15:08:44 +02:00
Trond Schertel 24e256da52 Fixes #1155 2020-03-25 15:00:36 +01:00
Rasmus Lerdorf f9edbd34f7 PHP 7.4 fixes 2020-03-25 14:55:57 +01:00
plegall 8a5a2d9831 Revert "Fix PHP-7.4 Issue " 
This reverts commit ea25f5b3a4.
 2020-03-25 14:55:06 +01:00
plegall d3879b19f9 issue #1114 use the new screenshot provided by @HWFord 2020-03-25 14:53:48 +01:00
plegall cf38caff67 fixes #1119 keep the ability to reset password when there is no photo yet 2020-03-24 15:18:09 +01:00
plegall 1e23ed84d3 fixes #1168 prevent XSS on pwg.images.setInfo 2020-03-24 14:07:49 +01:00
plegall e21ef06e3d fixes #1162 filter users on a specific group 2020-02-18 10:50:36 +01:00
plegall d365e2d216 fixes #1114 the Piwigo for Android app comes back 
Revert "issue #420, remove Piwigo for Android, not up-to-date"

This reverts commit 069581b80d
 2020-02-10 16:41:52 +01:00
plegall 6ac6db0d2d issue #1150 also protect groupe name on API methods 2020-02-07 17:17:17 +01:00
plegall 619849ff8b fixes #1150 prevent HTML code in group name 
It avoids any stored XSS between administrators and it's totally useless to have HTML code in the group name.
 2020-02-07 17:05:56 +01:00
plegall cade53577c missing piece of code for #1098 to make the number of checksum configurable 2020-02-07 15:10:05 +01:00
Ben ea25f5b3a4 Fix PHP-7.4 Issue 
PHP-7.4 Issue  = "Trying to access array offset on value of type null" in functions_category.inc.php
 2020-02-07 14:43:53 +01:00
Thomas Stieler 884c43280e Quote mysql keyword groups 2019-12-16 10:53:46 +01:00
Rasmus Lerdorf f62ee77852 Fix count() warning 
In PHP 7.2 and later you will get a warning if you call count() on null. So either initialize $errors to an empty array here, or use empty() to check it as I have done here.
 2019-12-16 10:50:14 +01:00
Tomas Krizek 8573e35b18 include/functions_cookie: use proper brackets for offset access 
Fixes #1134
 2019-12-04 10:40:47 +01:00
plegall 29cc543a14 fixes #1133 adapt the height of the scrolling menu for plugins, depending on browser available height. 
Also, change background color of this scrollbar.
 2019-12-03 12:25:29 +01:00
plegall 90e4a63ea1 fixes #1112 better management for long username + long gallery name on small screen 2019-11-26 16:33:42 +01:00
HWFord 58fb64f751 Dark mode message boxes color made darker 2019-11-21 14:52:37 +01:00
plegall 41b4230b39 fixes #1102 limit the number of tags shown in the menubar 2019-10-15 16:02:14 +02:00
plegall c4142c2a51 fixes #1092 javascript syntax error on batch manager (Safari only) 2019-10-14 14:29:27 +02:00
plegall 72094c5f88 fixes #1090 move warning about missing checksums from dashboard to sync page 
* avoid scaring users for a minor issue
* convert the warning message into a simple info
* simplify algorithm for detection and only search on relevant pages (batch manager + sync page)
 2019-10-14 14:14:54 +02:00
plegall 9b695da86b (cp 15d8a19) fixes #988 no more warning on PHP 7.3 
This fix was initially only for branch 2.9, and branch master should have
received a new version of jshrink, but I forgot to do it before 2.10 and now
we have a regression in 2.10. This commit will be cherry-picked to 2.10 and
we also have it on master so that we don't have a new regression in 2.11 (in
case jshrink is not properly updated)
 2019-10-14 12:31:28 +02:00
plegall e49c217441 fixes #1099 avoid JS error when there is no album associated to current photo set 2019-10-14 12:27:41 +02:00
plegall ac5d00e89b fixes #1098 make checksum computation block size configurable, and smaller by default 2019-10-14 12:22:53 +02:00
plegall 54b727a22a fixes #1097 checksum compute, make the block size constant 2019-10-14 11:42:51 +02:00
plegall 8fe4305d35 during upgrade, use the new default Piwigo theme (modus) instead of hardcoded "elegant" 
... and make sure the default Piwigo theme is active before that.
 2019-10-08 12:23:54 +02:00
plegall 087284eafc next version is 2.10.0 2019-10-07 16:07:57 +02:00
plegall 6a25b9efea update language directory from the "translation" branch 
simple copy, based on commit 28e0a2c089
 2019-10-07 16:05:10 +02:00
plegall 0e86caac30 [design] quick improve of new plugins filter 2019-10-07 12:32:32 +02:00
plegall 95a656c145 no more need of jGrowl on upload form 2019-09-26 11:15:24 +02:00
plegall a30b1115ae issue #1080 moves fontello animation.css at the end of the combined files list 
It does not fixes the parsing problem, but it avoids breaking following CSS rules.
 2019-09-25 16:25:20 +02:00
Pierrick Le Gall 1872f75938 refresh Github readme 
* new logo
* new screenshot
* new URLS (using https instead of http)
* link to contributing guide
 2019-09-23 12:12:51 +02:00
plegall fa8996e10f issue #1073 prevents from making uploaded file executable 
* for the name of the file in buffer directory, do not use the name given by the user, but the md5 of the name without extension
* function add_uploaded_file deletes uploaded file if not expected
 2019-09-20 16:26:21 +02:00
plegall 7e154ab093 issue #1075 check the url keys are expected 2019-09-20 14:02:03 +02:00
plegall dcaf31fe09 update year in API browser footer 2019-09-20 13:58:30 +02:00
James Bercegay 1119d36c4b XSS Fix 
urlencode() key data as well
 2019-09-20 13:55:32 +02:00
plegall 1061dd0a77 fixes #1070 use ajax queue manager to launch metadata syncs 
+ exit from event once the "metadata" is performed to avoid side effects with "delete" action.
 2019-09-03 16:49:12 +02:00
plegall 5b65fca36c fixes #1068 escape the rank new MySQL 8 reserved word 
This time, we do it right before sending the query to MySQL, in the pwg_query
function. This is not optimal, because we add extra processing, useless most
of the time. This solution has less impact on code, and automatically work for
all core and plugins SQL queries.
 2019-08-30 12:11:47 +02:00
plegall bf39de788a fixes #1016 API method pwg.session.login gets same behavior a web login form, regarding empty password 2019-08-26 15:55:09 +02:00
plegall 18460716e3 next release is 2.10.0RC1 2.10.0RC1 2019-08-19 15:16:55 +02:00
plegall 38f4d6199d update language directory from the "translation" branch 
simple copy, based on commit 2d46a7599e
 2019-08-19 14:58:22 +02:00
plegall 01e593fde2 fixes #1063 upgrade script to 2.10 2019-08-14 16:50:19 +02:00
Sam Wilson 7b6912ba98 Use default theme if loaded one is not found 
When loading a user's theme, make sure it's installed. Also, when
determining the default theme, account for the situation in which
zero themes are installed (and use 'default' then).

Refs #1061
 2019-08-14 12:18:45 +02:00
plegall 63bbba8e36 fixes #1060 always escape table/column names in advanced database functions 
which are single_insert, single_update, mass_inserts and mass_updates. The new function
protect_column_name simply surrounds the name with backticks, if needed.
 2019-08-13 16:44:54 +02:00
plegall 3478033515 fixes #1057 use a popin instead of popup to display admin page help. 
The "old way" still works with the popuphelp() javascript function.
 2019-08-13 12:07:16 +02:00
plegall b4f8d6d994 fixes #1056 use a font-icon for page help 2019-08-12 17:01:41 +02:00
plegall 7234d0108e fixes #1011 add user input checks (and pwg_token) to avoid SQL injection (and CSRF) 2019-08-12 16:45:21 +02:00
plegall 91349065ea fixes #1010 prevent from SQL injection with user input check 2019-08-12 16:24:27 +02:00
plegall fccb6caa75 fixes #1012 prevent SQL injection with a check on user input 2019-08-12 14:52:56 +02:00