-Update cookie to use pwg_lang to avoid conflicts with other potential apps.
-Add cookie path to the pwg_lang cookie to help with conflicts also.
-Be less restrictive in load_cookie_language function
-We can't use pwg_set_cookie because it is set in js not PHP so we force it to be called pwg_lang
Show copy/send password links by default but hide them for users with status 'generic'. Adds a change handler in fill_user_edit_properties to call toggle_send_copy_password when the status select changes, and implements toggle_send_copy_password(status) to show/hide #copy_password_link and #send_password_link accordingly.
JS: add mouseenter handler to toggle a tooltip-flip class for elements with data-tooltip so tooltips flip when they would overflow the right edge; set data-tooltip on API creation timestamp. CSS: constrain tooltip max width to 250px (or viewport margin), allow multiline content (max-content/word-wrap), and position flipped tooltips from the right. These changes prevent tooltip overflow on narrow viewports and improve readability.
Hide AddUser error block on close and make the AddUser popin scrollable with layout fixes. Also refine two French translations (password and login key).
When generating URLs for the web service (IN_WS), ensure the argument separator is a raw '&' instead of the HTML entity '&'. add_url_params now switches the separator to '&' if IN_WS is defined and '&' was requested. Removed a redundant str_replace call in ws_std_get_urls since get_action_url/add_url_params now produce the correct separator. This prevents double-escaped ampersands.
Simplify pwg_token setup during PWG_API_KEY_REQUEST by unconditionally assigning get_pwg_token() to both $_POST['pwg_token'] and $_GET['pwg_token']. Removes prior isset() checks so the token is always present for API key requests; be aware this will overwrite any existing pwg_token values in request arrays.
Use binary (1024-based) prefixes instead of decimal (1000-based) for
storage unit conversion. Previously dividing by 1000000 and 1000,
now correctly dividing by 1048576 (1024*1024) and 1024.
Fixes#2502
Replace the explicit "An email has been sent with a verification code" message with a privacy-preserving wording: "If your account exists, a verification code has been sent to your email address." This avoids account enumeration. Updated language entries in en_UK and fr_FR, the server-side message in password.php, and the password reset template.
Add a more granular container detection
Replace is_in_container by get_container_info
Currently detect Official container (once they update a version with a tagfile) and LinuxServer container
All other container are marked as Unknown
Report two field :
- container_type ( none | Official | LinuxServer | Unknown
- container_version ( build Version number like 16.2.0a, only reported if Official container is detected )
A trigger_notify call for 'merge_tags' was added before deleting tags in the tag merge process. This allows plugins or extensions to react to tag merges.
Refactors how derivative and disabled_derivatives config values are loaded from the database, supporting both parameters and using a new safe_unserialize function. Updates ImageStdParams to use the global config and ensures proper serialization/deserialization of disabled type maps, with improved save logic to avoid unnecessary writes.
HWFord