iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,334 Commits 33 Branches 208 Tags
72ba6771b69b32c27872cd7c97b8f094a11f8a04
Commit Graph

10334 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierrick Le Gall
72ba6771b6 fix image src for issue example 2020-04-15 15:08:44 +02:00
Trond Schertel
24e256da52 Fixes #1155 2020-03-25 15:00:36 +01:00
Rasmus Lerdorf
f9edbd34f7 PHP 7.4 fixes 2020-03-25 14:55:57 +01:00
plegall
8a5a2d9831 Revert "Fix PHP-7.4 Issue " 
This reverts commit ea25f5b3a4.
 2020-03-25 14:55:06 +01:00
plegall
d3879b19f9 issue #1114 use the new screenshot provided by @HWFord 2020-03-25 14:53:48 +01:00
plegall
cf38caff67 fixes #1119 keep the ability to reset password when there is no photo yet 2020-03-24 15:18:09 +01:00
plegall
1e23ed84d3 fixes #1168 prevent XSS on pwg.images.setInfo 2020-03-24 14:07:49 +01:00
plegall
e21ef06e3d fixes #1162 filter users on a specific group 2020-02-18 10:50:36 +01:00
plegall
d365e2d216 fixes #1114 the Piwigo for Android app comes back 
Revert "issue #420, remove Piwigo for Android, not up-to-date"

This reverts commit 069581b80d
 2020-02-10 16:41:52 +01:00
plegall
6ac6db0d2d issue #1150 also protect groupe name on API methods 2020-02-07 17:17:17 +01:00
plegall
619849ff8b fixes #1150 prevent HTML code in group name 
It avoids any stored XSS between administrators and it's totally useless to have HTML code in the group name.
 2020-02-07 17:05:56 +01:00
plegall
cade53577c missing piece of code for #1098 to make the number of checksum configurable 2020-02-07 15:10:05 +01:00
Ben
ea25f5b3a4 Fix PHP-7.4 Issue 
PHP-7.4 Issue  = "Trying to access array offset on value of type null" in functions_category.inc.php
 2020-02-07 14:43:53 +01:00
Thomas Stieler
884c43280e Quote mysql keyword groups 2019-12-16 10:53:46 +01:00
Rasmus Lerdorf
f62ee77852 Fix count() warning 
In PHP 7.2 and later you will get a warning if you call count() on null. So either initialize $errors to an empty array here, or use empty() to check it as I have done here.
 2019-12-16 10:50:14 +01:00
Tomas Krizek
8573e35b18 include/functions_cookie: use proper brackets for offset access 
Fixes #1134
 2019-12-04 10:40:47 +01:00
plegall
29cc543a14 fixes #1133 adapt the height of the scrolling menu for plugins, depending on browser available height. 
Also, change background color of this scrollbar.
 2019-12-03 12:25:29 +01:00
plegall
90e4a63ea1 fixes #1112 better management for long username + long gallery name on small screen 2019-11-26 16:33:42 +01:00
HWFord
58fb64f751 Dark mode message boxes color made darker 2019-11-21 14:52:37 +01:00
plegall
41b4230b39 fixes #1102 limit the number of tags shown in the menubar 2019-10-15 16:02:14 +02:00
plegall
c4142c2a51 fixes #1092 javascript syntax error on batch manager (Safari only) 2019-10-14 14:29:27 +02:00
plegall
72094c5f88 fixes #1090 move warning about missing checksums from dashboard to sync page 
* avoid scaring users for a minor issue
* convert the warning message into a simple info
* simplify algorithm for detection and only search on relevant pages (batch manager + sync page)
 2019-10-14 14:14:54 +02:00
plegall
9b695da86b (cp 15d8a19) fixes #988 no more warning on PHP 7.3 
This fix was initially only for branch 2.9, and branch master should have
received a new version of jshrink, but I forgot to do it before 2.10 and now
we have a regression in 2.10. This commit will be cherry-picked to 2.10 and
we also have it on master so that we don't have a new regression in 2.11 (in
case jshrink is not properly updated)
 2019-10-14 12:31:28 +02:00
plegall
e49c217441 fixes #1099 avoid JS error when there is no album associated to current photo set 2019-10-14 12:27:41 +02:00
plegall
ac5d00e89b fixes #1098 make checksum computation block size configurable, and smaller by default 2019-10-14 12:22:53 +02:00
plegall
54b727a22a fixes #1097 checksum compute, make the block size constant 2019-10-14 11:42:51 +02:00
plegall
8fe4305d35 during upgrade, use the new default Piwigo theme (modus) instead of hardcoded "elegant" 
... and make sure the default Piwigo theme is active before that.
 2019-10-08 12:23:54 +02:00
plegall
087284eafc next version is 2.10.0 2019-10-07 16:07:57 +02:00
plegall
6a25b9efea update language directory from the "translation" branch 
simple copy, based on commit 28e0a2c089
 2019-10-07 16:05:10 +02:00
plegall
0e86caac30 [design] quick improve of new plugins filter 2019-10-07 12:32:32 +02:00
plegall
95a656c145 no more need of jGrowl on upload form 2019-09-26 11:15:24 +02:00
plegall
a30b1115ae issue #1080 moves fontello animation.css at the end of the combined files list 
It does not fixes the parsing problem, but it avoids breaking following CSS rules.
 2019-09-25 16:25:20 +02:00
Pierrick Le Gall
1872f75938 refresh Github readme 
* new logo
* new screenshot
* new URLS (using https instead of http)
* link to contributing guide
 2019-09-23 12:12:51 +02:00
plegall
fa8996e10f issue #1073 prevents from making uploaded file executable 
* for the name of the file in buffer directory, do not use the name given by the user, but the md5 of the name without extension
* function add_uploaded_file deletes uploaded file if not expected
 2019-09-20 16:26:21 +02:00
plegall
7e154ab093 issue #1075 check the url keys are expected 2019-09-20 14:02:03 +02:00
plegall
dcaf31fe09 update year in API browser footer 2019-09-20 13:58:30 +02:00
James Bercegay
1119d36c4b XSS Fix 
urlencode() key data as well
 2019-09-20 13:55:32 +02:00
plegall
1061dd0a77 fixes #1070 use ajax queue manager to launch metadata syncs 
+ exit from event once the "metadata" is performed to avoid side effects with "delete" action.
 2019-09-03 16:49:12 +02:00
plegall
5b65fca36c fixes #1068 escape the rank new MySQL 8 reserved word 
This time, we do it right before sending the query to MySQL, in the pwg_query
function. This is not optimal, because we add extra processing, useless most
of the time. This solution has less impact on code, and automatically work for
all core and plugins SQL queries.
 2019-08-30 12:11:47 +02:00
plegall
bf39de788a fixes #1016 API method pwg.session.login gets same behavior a web login form, regarding empty password 2019-08-26 15:55:09 +02:00
plegall
18460716e3 next release is 2.10.0RC1 2.10.0RC1 2019-08-19 15:16:55 +02:00
plegall
38f4d6199d update language directory from the "translation" branch 
simple copy, based on commit 2d46a7599e
 2019-08-19 14:58:22 +02:00
plegall
01e593fde2 fixes #1063 upgrade script to 2.10 2019-08-14 16:50:19 +02:00
Sam Wilson
7b6912ba98 Use default theme if loaded one is not found 
When loading a user's theme, make sure it's installed. Also, when
determining the default theme, account for the situation in which
zero themes are installed (and use 'default' then).

Refs #1061
 2019-08-14 12:18:45 +02:00
plegall
63bbba8e36 fixes #1060 always escape table/column names in advanced database functions 
which are single_insert, single_update, mass_inserts and mass_updates. The new function
protect_column_name simply surrounds the name with backticks, if needed.
 2019-08-13 16:44:54 +02:00
plegall
3478033515 fixes #1057 use a popin instead of popup to display admin page help. 
The "old way" still works with the popuphelp() javascript function.
 2019-08-13 12:07:16 +02:00
plegall
b4f8d6d994 fixes #1056 use a font-icon for page help 2019-08-12 17:01:41 +02:00
plegall
7234d0108e fixes #1011 add user input checks (and pwg_token) to avoid SQL injection (and CSRF) 2019-08-12 16:45:21 +02:00
plegall
91349065ea fixes #1010 prevent from SQL injection with user input check 2019-08-12 16:24:27 +02:00
plegall
fccb6caa75 fixes #1012 prevent SQL injection with a check on user input 2019-08-12 14:52:56 +02:00