10309 Commits

Author SHA1 Message Date
plegall 7223594dbc (cp a58d87e) change default configuration settings for a stable branch.
Developers who need previous configuration settings can modify them in their local configuration
2.10.0
2019-10-08 12:31:16 +02:00
plegall 8fe4305d35 during upgrade, use the new default Piwigo theme (modus) instead of hardcoded "elegant"
... and make sure the default Piwigo theme is active before that.
2019-10-08 12:23:54 +02:00
plegall 087284eafc next version is 2.10.0 2019-10-07 16:07:57 +02:00
plegall 6a25b9efea update language directory from the "translation" branch
simple copy, based on commit 28e0a2c089
2019-10-07 16:05:10 +02:00
plegall 0e86caac30 [design] quick improve of new plugins filter 2019-10-07 12:32:32 +02:00
plegall 95a656c145 no more need of jGrowl on upload form 2019-09-26 11:15:24 +02:00
plegall a30b1115ae issue #1080 moves fontello animation.css at the end of the combined files list
It does not fix the parsing problem, but it avoids breaking following CSS rules.
2019-09-25 16:25:20 +02:00
Pierrick Le Gall 1872f75938 refresh Github readme
* new logo
* new screenshot
* new URLs (using https instead of http)
* link to contributing guide
2019-09-23 12:12:51 +02:00
plegall fa8996e10f issue #1073 prevents from making uploaded file executable
* for the name of the file in buffer directory, do not use the name given by the user, but the md5 of the name without extension
* function add_uploaded_file deletes uploaded file if not expected
2019-09-20 16:26:21 +02:00
plegall 7e154ab093 issue #1075 check the url keys are expected 2019-09-20 14:02:03 +02:00
plegall dcaf31fe09 update year in API browser footer 2019-09-20 13:58:30 +02:00
James Bercegay 1119d36c4b XSS Fix
urlencode() key data as well
2019-09-20 13:55:32 +02:00
plegall 1061dd0a77 fixes #1070 use ajax queue manager to launch metadata syncs
+ exit from event once the "metadata" is performed to avoid side effects with "delete" action.
2019-09-03 16:49:12 +02:00
plegall 5b65fca36c fixes #1068 escape the rank new MySQL 8 reserved word
This time, we do it right before sending the query to MySQL, in the pwg_query
function. This is not optimal, because we add extra processing, useless most
of the time. This solution has less impact on code, and automatically works for
all core and plugins SQL queries.
2019-08-30 12:11:47 +02:00
plegall bf39de788a fixes #1016 API method pwg.session.login gets same behavior as a web login form, regarding empty password 2019-08-26 15:55:09 +02:00
plegall 18460716e3 next release is 2.10.0RC1 2.10.0RC1 2019-08-19 15:16:55 +02:00
plegall 38f4d6199d update language directory from the "translation" branch
simple copy, based on commit 2d46a7599e
2019-08-19 14:58:22 +02:00
plegall 01e593fde2 fixes #1063 upgrade script to 2.10 2019-08-14 16:50:19 +02:00
Sam Wilson 7b6912ba98 Use default theme if loaded one is not found
When loading a user's theme, make sure it's installed. Also, when
determining the default theme, account for the situation in which
zero themes are installed (and use 'default' then).

Refs #1061
2019-08-14 12:18:45 +02:00
plegall 63bbba8e36 fixes #1060 always escape table/column names in advanced database functions
which are single_insert, single_update, mass_inserts and mass_updates. The new function
protect_column_name simply surrounds the name with backticks, if needed.
2019-08-13 16:44:54 +02:00
plegall 3478033515 fixes #1057 use a popin instead of popup to display admin page help.
The "old way" still works with the popuphelp() javascript function.
2019-08-13 12:07:16 +02:00
plegall b4f8d6d994 fixes #1056 use a font-icon for page help 2019-08-12 17:01:41 +02:00
plegall 7234d0108e fixes #1011 add user input checks (and pwg_token) to avoid SQL injection (and CSRF) 2019-08-12 16:45:21 +02:00
plegall 91349065ea fixes #1010 prevent from SQL injection with user input check 2019-08-12 16:24:27 +02:00
plegall fccb6caa75 fixes #1012 prevent SQL injection with a check on user input 2019-08-12 14:52:56 +02:00
plegall 4932bc502b fixes #1009 check group_selection parameter to be only an array of ids 2019-08-12 14:25:56 +02:00
plegall 776f8fa186 fixes #1058 prevent CSRF on notification by mail, with a pwg_token
also added some checks to NBM parameters to avoid XSS (minor issue)
2019-08-12 12:31:24 +02:00
plegall fdcb6f50f6 fixes #1055 prevents XSS on original resize fields 2019-08-09 15:52:04 +02:00
plegall bc0b49cdad fixes #1053 add themes {modus, elegant, smartpocket} in release build 2019-08-06 18:20:29 +02:00
plegall 54154eb834 fixes #1052 separate themes from Piwigo core repository
* Sylvia : https://github.com/Piwigo/piwigo-Sylvia
* elegant : https://github.com/Piwigo/piwigo-elegant
* smartpocket : https://github.com/Piwigo/piwigo-smartpocket
* dark : https://github.com/Piwigo/piwigo-dark
* clear : https://github.com/Piwigo/piwigo-clear
2019-08-06 17:52:04 +02:00
plegall 292b414d25 remove shadow on album creation button for empty gallery 2019-07-19 14:27:50 +02:00
plegall 2842934633 fixes #899 API methods to manage user favorite photos
* rename methods to pwg.users.favorites.getList + pwg.users.favorites.add + pwg.users.favorites.remove (better for alpha ordered listing)
* simplify method ws_users_favorites_getList to only work with current user
* use the new option "ignore" on single_insert
2019-07-17 15:48:06 +02:00
Sam Wilson 05fb7aafd4 Order by the field(s) used to find duplicates
When searching for duplicates, also sort the results by the
fields used to find the duplicates.
2019-07-17 15:22:53 +02:00
plegall 551457f2b6 fixes #1051 ability to insert ignore on single_insert 2019-07-17 11:15:59 +02:00
Dave Anderson 1d113c002b API call to add/remove favorites (#810)
add API methods pwg.users.addFavorite and pwg.users.removeFavorite
2019-07-15 16:58:23 +02:00
Dave Anderson d406a12d45 API call to fetch user favorites (#582)
* new api call to get user favorites
2019-07-15 16:04:52 +02:00
Wei-Chung Wen ad6e96b82c Fixes #1004 Error using Piwigo from Android with smartpocket theme
Using SmartPocket theme in Android 9's Chrome gives this error:

"Uncaught TypeError: Cannot read property 'toString' of null"

The error is caused by the following code

e.navigator.userAgent.match(/Android (\d+.\d+)/)

because the userAgent set by Chrome in Android 9 reads:

"Mozilla/5.0 (Linux; Android 9; H4133) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.101 Mobile Safari/537.36"

Signed-off-by: Wei-Chung Wen <morisato3711@gmail.com>
2019-07-12 13:52:29 +02:00
plegall 4ae0f46bae fixes #1049 update applications, new screenshots and hide ReGalAndroid 2019-07-11 14:54:34 +02:00
plegall b101869417 update release to 2.10.0beta2 2.10.0beta2 2019-07-04 11:22:09 +02:00
plegall c1eecab364 fixes #996 escape word "groups" in SQL queries, new reserved word with MySQL 8 2019-06-28 18:07:53 +02:00
plegall 0ef2193471 fixes #93 automatically hide the newsletter link when clicked 2019-06-28 14:45:05 +02:00
plegall 3999bff326 fixes #1042 set Modus as default theme 2019-06-28 11:21:18 +02:00
plegall 5436c48ead fixes #1041 no longer activate TakeATour by default 2019-06-28 10:35:43 +02:00
plegall 22f3e679ee fixes #1040 move check upgrade action to maintenance page 2019-06-27 19:09:40 +02:00
Sam Wilson 8e9cb6de23 Quote 'rank' field name in SQL
Add backticks to reserved word 'rank' in SQL queries.

Bug: GH #919
2019-06-27 17:50:59 +02:00
plegall af85a62199 fixes #1038 deactivate user comments by default 2019-06-26 16:05:42 +02:00
plegall 4195572563 fixes #904 avoid warnings on PHP 7.2+ with PHPMailer (without updating PHPMailer) 2019-06-21 15:02:02 +02:00
plegall 46781c191a issue #1031 no background on album path 2019-06-20 16:44:18 +02:00
plegall 9bc9bae2cc fixes #1035 translate the visit link 2019-06-20 14:55:23 +02:00
plegall 9e629a2369 issue #1031 album manager, move breadcrumbs outside page title 2019-06-11 16:38:49 +02:00