When generating URLs for the web service (IN_WS), ensure the argument separator is a raw '&' instead of the HTML entity '&'. add_url_params now switches the separator to '&' if IN_WS is defined and '&' was requested. Removed a redundant str_replace call in ws_std_get_urls since get_action_url/add_url_params now produce the correct separator. This prevents double-escaped ampersands.
Simplify pwg_token setup during PWG_API_KEY_REQUEST by unconditionally assigning get_pwg_token() to both $_POST['pwg_token'] and $_GET['pwg_token']. Removes prior isset() checks so the token is always present for API key requests; be aware this will overwrite any existing pwg_token values in request arrays.
Add a more granular container detection
Replace is_in_container by get_container_info
Currently detect Official container (once they update a version with a tagfile) and LinuxServer container
All other container are marked as Unknown
Report two field :
- container_type ( none | Official | LinuxServer | Unknown
- container_version ( build Version number like 16.2.0a, only reported if Official container is detected )
A trigger_notify call for 'merge_tags' was added before deleting tags in the tag merge process. This allows plugins or extensions to react to tag merges.
Refactors how derivative and disabled_derivatives config values are loaded from the database, supporting both parameters and using a new safe_unserialize function. Updates ImageStdParams to use the global config and ensures proper serialization/deserialization of disabled type maps, with improved save logic to avoid unnecessary writes.
If the user as added open_basedir restriction the function will fail with a Warning :
Warning: file_exists(): open_basedir restriction in effect. File(/proc/2/sched) is not within the allowed path(s)
This fix add a check that assume piwigo is not in a container when open_basedir is set
Replaces usage of the Authorization header with X-PIWIGO-API for API key authentication. This improves consistency and may address issues with standard Authorization header handling.
Introduces a compatibility implementation of str_starts_with for environments where it is not available. Updates common.inc.php to include the polyfill if the function does not exist.
Updated user activity display to show when a user is connected via API key, including an icon and updated tooltip. Modified backend to set a 'connected_with' flag in activity details when API key authentication is used.
Added email notification for successful password reset, improved verification code handling, and implemented account lockout after too many failed attempts. Introduced new language strings for user feedback and security messages. Refactored password reset logic to better handle guest/generic users and API key recommendations.
Added a call to clear_fake_user_cache() in pwg_login to ensure the fake user cache is reset after a successful login. Also introduced the clear_fake_user_cache() function for this purpose.
Improves login security by:
- implementing constant-time authentication to reduce timing attacks
- refactoring user lookup into find_user_by_username_or_email() for username or email login
- introducing a fake user to keep password verification time consistent
- adding a finalize_login hook so plugins can control the authentication flow (2FA, rate limiting, etc.)
Also updates user activity JS to:
- better display action details
- properly handle user lists (login/logout with multiple users)
Replaces direct login check with ws_session_login for 'pwg.images.uploadAsync' and updates error handling to return the login response. Also updates the web service method definition to make username and password optional and clarifies admin credential requirements in the documentation.
* instead of using the provided cat_id in the URL parameters, registers the "context" of the last 10 photos viewed. Be it an album, a search, a tag...
* maybe not the cleanest way to do it (because we do not rebuild the url string) but simple and straightforward
Uncommented and activated QR code generation in getQrCode(), allowing TOTP secrets to be encoded as base64 PNG images for easier setup in authenticator apps.
Added a call to stripslashes for the 'apikey_name' field to ensure it is unescaped before being returned. This improves display consistency for API key names containing escaped characters.
Simplifies the API key validation in auth_key_login by removing the requirement for connection_by_header. Now, API keys matching the pattern are accepted regardless of the connection source.
* Introduces a verification code step before generating password reset links.
* New configuration "password_reset_code_duration".
* Adds Base32, TOTP and PHPQRCode classes .
* New section is required in password.tpl: code verification won't work on themes not updated yet.
* 5 new language strings were added.
- switched from cssmin to matthiasmullie/minify for CSS minification.
- the minify lib requires the path-converter lib (from the same author), which has been added as well (in include/minify/path-converter).
This change is necessary because cssmin is not compatible with PHP 8.4
- Add 3XL and 4XL sizes to defaults but keep them disabled by default
- Update admin restore default derivatives resets sizes and clears cache
- Update migration 177 => updates existing installs: set 3XL/4XL as disabled
Append info on PHP_OS in the template of `admin/maintenance_env.php` and in `include/functions.inc.php` -> `send_piwigo_infos()`
Detection works by checking if PHP is running on Linux then check if PID2 is kthreadd
Kthreadd is useless in a container so PID2 should not exist of be another process
If unable to read /proc/2/sched for some reason, assume a SELinux restriction and that PHP is not running in a container
`is_in_container()` doesn't differentiate between VMs or bare metal, it only check if PHP is running in a containerized environement via tools like docker or podman
