Changeset 554955
- Timestamp: 06/08/2012 06:23:07 PM (14 years ago)
- Location: dm-albums/trunk
- Files: 3 edited
  - readme.txt (modified) (2 diffs)
  - wp-dm-albums.php (modified) (2 diffs)
  - wp-dm-upload.php (modified) (6 diffs)
dm-albums/trunk/readme.txt
r539753 r554955 5 5 Requires at least: 2.7 6 6 Tested up to: 3.3.1 7 Stable tag: 3.1. 57 Stable tag: 3.1.6 8 8 9 9 DM Albums™ is an inline photo album/gallery plugin that displays high quality images and thumbnails perfectly sized to your blog. … … 78 78 == Changelog == 79 79 80 = 3.1.6 = 81 <ul><li>Added patch to (hopefully) fix some user's issues with albums not appearing when uploading.</li> 82 <li>Fixed versioning of javascript libs</li></ul> 83 80 84 = 3.1.4 = 81 85 <ul><li>Added Flikr support: enter [dmalbum flikr="setid"/] where setid is the id of your set, i.e. [dmalbum flikr="72157629383149390"/]</li> -
dm-albums/trunk/wp-dm-albums.php
r539753 r554955 4 4 Description: DM Albums is an inline photo album/gallery plugin that displays high quality images and thumbnails perfectly sized to your blog. 5 5 Plugin URI: http://www.dutchmonkey.com/?file=products/dm-albums/dm-albums.html 6 Version: 3.1. 56 Version: 3.1.6 7 7 Author: Frank D. Strack 8 8 Author URI: http://www.dutchmonkey.com/ … … 28 28 /* 29 29 Change log: 30 31 3.1.4 32 * Added patch to (hopefully) fix some user's issues with albums not appearing when uploading. 33 * Fixed versioning of javascript libs 30 34 31 35 3.1.4 -
dm-albums/trunk/wp-dm-upload.php
r486244 r554955 1 <?php /*************************************************************** 1 <?php /*************************************************************** 2 2 * Author: Frank D. Strack 3 3 * Author Email: development@dutchmonkey.com 4 4 * Author URI: http://www.dutchmokney.com 5 * 6 * Thanks to safety of nDarkness.com for alerting us to a 5 * 6 * Thanks to safety of nDarkness.com for alerting us to a 7 7 * vulnerability and recommending a solution. 8 8 ***************************************************************/ 9 10 require_once('../../../wp-config.php');11 require_once('php/includes.php');12 9 13 10 if (isset($_POST["PHPSESSID"])) { … … 18 15 19 16 session_start(); 17 18 require_once('../../../wp-config.php'); 19 require_once('php/includes.php'); 20 20 21 21 if($_SESSION["DM_AUTH_UPLOAD"] != 1) … … 50 50 51 51 if(!empty($album_name) && strlen($album_name) > 0) 52 { 52 { 53 53 if(!file_exists($dm_albums_uploaddir)) 54 54 { 55 55 if(eregi("WIN", strtoupper(php_uname()))) $cache = "/cache"; 56 56 else $cache = "/.cache"; 57 57 58 58 dm_mkdir($dm_albums_uploaddir . $cache); //mkdir($dm_albums_uploaddir . $cache, 0777, true); 59 59 60 60 // If the file was not created, user does not have upload rights. 
61 61 // Create folder in default upload dir location … … 67 67 } 68 68 } 69 69 70 70 $extension_whitelist = array("jpg", "gif", "png", "jpeg"); // Allowed file extensions 71 71 $MAX_FILENAME_LENGTH = 260; 72 72 73 73 $file_name = dm_sanitize($_FILES['Filedata']['name']); 74 74 75 75 if (strlen($file_name) == 0 || strlen($file_name) > $MAX_FILENAME_LENGTH) { 76 76 HandleError("Invalid file name"); 77 77 exit(0); 78 78 } 79 79 80 80 $path_info = pathinfo($_FILES['Filedata']['name']); 81 81 $file_extension = $path_info["extension"]; 82 82 $is_valid_extension = false; 83 83 84 84 foreach ($extension_whitelist as $extension) { 85 85 if (strcasecmp($file_extension, $extension) == 0) { … … 88 88 } 89 89 } 90 90 91 91 if (!$is_valid_extension) { 92 92 HandleError("Invalid file extension"); 93 93 exit(0); 94 94 } 95 95 96 96 @ move_uploaded_file($_FILES['Filedata']['tmp_name'], $dm_albums_uploaddir . "/" . $file_name); 97 97 98 98 dm_add_photo_to_sortorder($dm_albums_uploaddir . "/", $file_name); 99 99 } … … 107 107 /* Handles the error output. This error message will be sent to the uploadSuccess event handler. The event handler 108 108 will have to check for any error messages and react as needed. */ 109 function HandleError($message) 109 function HandleError($message) 110 110 { 111 111 echo $message;
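Review bot: In wp-dm-albums.php, the new change log block at new lines 31-33 is headed 3.1.4, so the file now carries two 3.1.4 entries while the Version header in the same file and the readme.txt changelog both say 3.1.6. Rename the new heading to 3.1.6 so the in-file log matches the release being tagged.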
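Review bot: In wp-dm-upload.php, the first two hunks move require_once('../../../wp-config.php') and require_once('php/includes.php') from the top of the file to new lines 18-19, after session_start(), with no comment saying why the order matters. Add a comment there stating the dependency, otherwise the next cleanup is likely to move the includes back to the top. The only authorization gate visible in the hunk is $_SESSION["DM_AUTH_UPLOAD"] != 1, and it sits below a branch on $_POST["PHPSESSID"]; since WordPress is now loaded immediately before that check, consider also verifying the current user's permission at that point rather than relying on the session flag alone.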
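Review bot: In wp-dm-upload.php line 55, eregi("WIN", strtoupper(php_uname())) uses a function that is deprecated as of PHP 5.3, and the case-insensitive match is redundant on a string that has already been uppercased. Replace it with stripos(php_uname(), "WIN") !== false. The commented-out mkdir(..., 0777, true) on line 58 should be deleted rather than kept beside the dm_mkdir() call.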
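Review bot: In wp-dm-upload.php lines 73-81, the length check runs on $file_name, the output of dm_sanitize(), but the extension is read from pathinfo($_FILES['Filedata']['name']), the raw client-supplied name, so the whitelist is applied to a different string from the one used as the stored file name whenever dm_sanitize() alters the input. Derive the extension from $file_name instead. Also guard the case where the name has no extension, because $path_info["extension"] is not set then and line 81 reads an undefined index.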
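Review bot: In wp-dm-upload.php line 96, the @ on move_uploaded_file() suppresses any failure and the return value is discarded, so dm_add_photo_to_sortorder() on line 98 runs even when no file was written. Check the result and call HandleError() before touching the sort order. As a style point, the changed lines in this hunk and in the HandleError() hunk differ only in trailing whitespace, which buries the one functional change in this file; put the whitespace cleanup in a separate commit.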