iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,204 Commits 33 Branches 208 Tags
2.9
Commit Graph

2225 Commits

Author SHA1 Message Date
plegall
20c2586d42 (cp ab46632) Revert "Include pwg_token in user list POST request (Fixes #748) (#866)" 
This reverts commit 65ac272179.
 2019-04-02 14:08:14 +02:00
plegall
216e0ba85a (cp b29ab34) fixes #972 use an alternative algorithm to discover number of future orphans, with very large albums 2019-01-28 14:13:39 +01:00
plegall
e45e726b58 (cp 0637112) Squashed commit of the following: 
commit 7190866ccf15033f27095d635546e46dacbb755e
Author: plegall <plg@piwigo.org>
Date:   Thu Jul 12 10:52:33 2018 +0200

    Revert "Replace not maintained cssmin with fork from github https://github.com/natxet/CssMin"

    This reverts commit c8b12a2ed0.

commit 1dac11ecb6783d0d5353c3d250388f018c30fc5c
Author: plegall <plg@piwigo.org>
Date:   Thu Jul 12 10:52:24 2018 +0200

    Revert "Update Smarty to 3.1.3"

    This reverts commit db684f6151.

commit 3ac752dc93912ba5701d22dadd9bb3b81e5bb383
Merge: d1c2e71 8d58256
Author: plegall <plg@piwigo.org>
Date:   Thu Jul 12 10:50:43 2018 +0200

    Merge branch 'php72' of https://github.com/Infern1/Piwigo into Infern1-php72

commit 8d58256c45
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Wed Mar 21 23:40:36 2018 +0100

    new feedcreator version for PHP7

commit bb0fcc3a30
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Wed Mar 21 23:26:27 2018 +0100

    php72 fixes, replaces each() function

commit 3db22c0d33
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Wed Mar 21 23:02:46 2018 +0100

    More fixes for PHP7.2

commit 50d8aafc77
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Mon Mar 19 23:55:21 2018 +0100

    Some more replacements of create_function

commit 8263335c42
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Mon Mar 19 22:54:54 2018 +0100

    Fixed indents

commit 8d58b637c6
Merge: c8b12a2 8a57d77
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Tue Feb 27 13:51:32 2018 +0100

    Merge remote-tracking branch 'upstream/master' into php72

commit c8b12a2ed0
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Thu Jan 18 00:32:46 2018 +0100

    Replace not maintained cssmin with fork from github https://github.com/natxet/CssMin

commit db684f6151
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Thu Jan 18 00:23:24 2018 +0100

    Update Smarty to 3.1.3

commit 6a3f8f3e76
Author: Rob Lensen <rob@bsdfreaks.nl>
Date:   Wed Jan 17 23:40:27 2018 +0100

    Initial work to support PHP 7.2
 2018-07-12 10:58:26 +02:00
plegall
49a1c7fcaa (cp 7bf992b) fixes #890, use https instead of http to load images from piwigo.org 2018-07-11 15:08:34 +02:00
plegall
18e4b86199 (cp 69345c0) fixes #847, CVE-2018-5692 protect a few user input variables 2018-07-11 11:24:59 +02:00
plegall
55a9754b11 (cp bef0901) fixes #872, CVE-2018-7724, protect photo admin page from CSRF 2018-07-06 14:39:50 +02:00
plegall
c6d6a5ec0a (cp 06f4252) fixes #258, batch manager, check the session category still exists 2018-07-06 11:52:52 +02:00
plegall
90243ddb0c (cp 65ac272) Include pwg_token in user list POST request (Fixes #748) (#866) 
* user list: set pwg_token in POST data to user_list_backend.php

The POST data for the user data table request was empty, which could
cause user data retrieval to error out with HTTP 403 due to missing
the authentication token.

* user_list_backend: fix uninitialized variables

If iSortCol_0, sEcho, or sSearch are unset in the HTTP request, it
could cause variables to be uninitialized, potentially causing error
messages to be included in the HTTP response. These error messages,
if present, can prevent the JSON response from being parsed.

* user list: delete unnecessary quotes

Javascript object key names don't generally need to be quoted.
Remove some quotes that were introduced by a recent change that added
a body to the AJAX POST request to retrieve the user list.
 2018-07-06 10:52:47 +02:00
plegall
4f42239aec (cp 7511881) fixes #887, $selection is never set on PHP side, no need to use it in template 
... and it makes the template compatible with PHP 7.2
 2018-07-04 17:12:52 +02:00
plegall
ebdacd3e83 fixes #853, less strict check on user input "selectAction" for tag manager 
... for compatibility with plugin Colored Tags (typetags) and maybe other in the future.
 2018-03-23 10:01:06 +01:00
plegall
aee8fa1f8d (cp 02275fe) fixes #839, check input parameters on admin/tags.php 2018-02-22 14:18:59 +01:00
plegall
072ae305f8 (cp b6d61a7) fixes #838, tells PHP how many photos were deleted in Batch Manager 2018-02-08 13:05:11 +01:00
plegall
91ef7909a5 (cp 9671454) fixes #826, check input parameter order_by in configuration 2017-12-18 17:09:56 +01:00
plegall
f7c8e0a947 (cp 9028c75) fixes #825, check user input on Batch Manager, unit mode, to prevent SQL injection 2017-12-18 16:45:56 +01:00
plegall
c3b4c6f7f0 (cp 77f02bf) fixes #822, add token on configuration page to prevent CSRF 2017-12-18 15:16:13 +01:00
plegall
33a03e9afb (cp 1da9d6a) fixes #823 add input user check to avoid SQLi on users list 2017-12-18 14:06:28 +01:00
plegall
e1817474ea (cp c9ab538) Fixs issue #760 date_creation not refreshed when changing it from picture_modify (#763) 2017-09-18 17:50:23 +02:00
plegall
62afa8b1ff (cp 08cce48) Fixes #755 Never thow '0000-00-00 00:00:00' as value but Null instead 
only for exif ; iptc is ok
 2017-09-05 13:22:01 +02:00
plegall
183de75e7e (cp 2c07301) Fixing issue #731 (#754) 
* Fixing issue #731, if NB_PHOTOS is upper than 1000 display it

* Fixs issue #731 now number of picture between 1000 and 1999 are displayed

* Fixs formatting
 2017-09-04 14:27:59 +02:00
plegall
fb4006bda6 (cp f520f82) fixes #726, add trigger in create_virtual_category 2017-07-03 15:56:54 +02:00
plegall
5c3e24c02f (cp 30e8bab) pwg_token left for cat_options pages 
solving https://github.com/Piwigo/Piwigo/issues/721
 2017-07-03 15:12:36 +02:00
plegall
a9645181c6 (cp 3dd6812) check input parameter for cat_options pages 
solving https://github.com/Piwigo/Piwigo/issues/724
 2017-07-03 15:12:20 +02:00
plegall
7f8bff3d95 (cp 03a8329) adding pwg_token on permalink & cat_options 
and therefor solving issue:721
 2017-07-03 15:12:02 +02:00
plegall
0dc3810f0d (cp d542de7) fixes #713, use the default language to send email 
and not only to build the email body message
 2017-06-21 11:46:07 +02:00
plegall
c6c6305302 (cp 346f5c3) fixes #707, hide decimal for "158.0 pages seen" 2017-06-14 19:44:28 +02:00
plegall
42920897ce (cp 6ce14fc) fixes #705, check user_list_backend.php input params 2017-06-13 12:32:49 +02:00
plegall
61a25ceb3b (cp e0b7c1d) fixes #701, use the appropriate site_id instead of 1 
When coming from the album edit page with the action link to synchronization
 2017-06-12 14:32:14 +02:00
plegall
6692f5efc3 (cp 4581f3e) fixes #693, pclzip compatibility with PHP 7.1 2017-06-12 13:51:26 +02:00
plegall
8019af6c35 (cp 11c07ea) fixes #685, syntax error in jQuery selector prevents delete photos from working on Safari 2017-05-22 11:32:26 +02:00
plegall
1e063b9c13 (cp 8b4e2ff) fixes #683, hide decimals when disk usage is bigger than 100GB 2017-05-18 15:07:38 +02:00
plegall
149f55ab6b (cp 686c2f7) fix #663, batch manager, avoid SQL error with duplicates 
* when searching duplicates on md5sum, only consider md5sum not null
* in case the GROUP_CONCAT returns on truncated string, remove the trailing ","
* add a TODO to find a better algorithm, avoiding the GROUP_CONCAT limit to 1024 chars
 2017-05-15 11:28:56 +02:00
plegall
6d67e0100f (cp 7056f33) fix #679, add trigger in admin/intro to let plugins modify dashboard items 2017-05-12 15:25:50 +02:00
plegall
f4a6f9ce84 fixes #657, set the CACHE_KEYS for categories 2017-04-24 14:32:15 +02:00
plegall
1a348ab30b fixes #224, batch manager, ability to configure default number of images per page 2017-04-10 13:38:47 +02:00
plegall
f7aadd8e29 fixes #279, show error message from pwg.images.upload 2017-04-09 17:28:51 +02:00
plegall
30bedcb7d8 Merge branch 'feature/302-file_ext-case-insensitive' 2017-04-07 15:45:26 +02:00
plegall
6b88073449 function get_fs is no longer used (since 2.4) 2017-04-07 15:28:17 +02:00
plegall
d58a24c882 fixes #302, file extension case insensitive for sync 
if $conf['picture_ext'] contains "jpg", Piwigo sync will accept {jpg,JPG,Jpg,jPg,jpG,...}
 2017-04-07 15:25:10 +02:00
plegall
1c5b36f734 fixes #235, show/hide edit/caddie/representative icons on index.php or picture.php 2017-04-07 14:20:19 +02:00
plegall
03c2d12991 add icon on "save settings" button for configuration tabs 2017-04-06 16:01:41 +02:00
plegall
b0ae23e34d fixes #428, ability to hide "sizes" icon on index.php or picture.php 2017-04-06 15:55:23 +02:00
plegall
2ea5a359fe fixes #506, additional checks before deleting files 
During upgrade of theme/plugin/language, we add some more test to prevent
transversal path
 2017-03-31 14:45:30 +02:00
plegall
9783a61490 fixes #571, album deletion, do not alert about deleting 0 (zero) orphan photos 2017-03-30 15:49:05 +02:00
plegall
d50aa7476c fixes #191, auto reset $_SESSION['need_update'] on new version 
To avoid saying the user a new version is available after a manual upgrade
(which didn't reset the $_SESSION['need_update'] variable)
 2017-03-30 11:41:01 +02:00
plegall
0a85001ae8 feature #471, bug fixed (wrong variable in condition) 2017-03-29 18:55:14 +02:00
plegall
3371ef1734 only versions x.y.z can be checked against new version, not x.y.zbetaN 2017-03-29 18:54:08 +02:00
plegall
ae34f3859a feature #471, new method notify_piwigo_new_versions 
to detect if there are new versions to notify (and if notification should be done at all)
 2017-03-29 15:41:42 +02:00
plegall
609a3f1c1a feature #471, move check new versions in updates class 2017-03-27 12:17:50 +02:00
plegall
48c4b88fec fixes #638, improve speed on finding sub-categories 2017-03-20 11:58:52 +01:00
plegall
5a80c0a604 user manager, ability to open the user add form with url parameter 
to prepare the Tour of 2.9 new features
 2017-03-16 15:42:58 +01:00