Zenphoto 1.5.4
21 June 2019
Zenphoto version 1.5.4 is now available.
Upgrading to Zenphoto 1.5.4
Zenphoto 1.5.4 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Zenphoto updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Zenphoto install to test the 1.5.4 upgrade prior to applying it live. Get started managing your Zenphoto installations with Installatron
What's New in Zenphoto 1.5.4
1.5.4
General
- Fixes broken redirection after successful login via main admin form [acrylian – Thanks to UDZGure and GaneshKandu]
- Template password form (as used on a theme's password.php) now prints a message instead of the form if you are already logged in [acrylian]
- More height for admin tags lists of albums and images [acrylian]
- Fixes (new) translations being enabled unwantedly [acrylian - Thanks to tw2003]
- UTC (Universal time) is now included in the time zone option [acrylian]
- Small change in the display of flags during setup [fretzl]
Plugins
- favorites: Fixes typo in favoritesClass [acrylian – Thanks to guirala]
- reCaptcha: Changes wrapper element from <span> to <div> to help solving display issues in some themes [fretzl]
Themes
- garland: Fixes issue with album thumb display of sidecar images (e.g. video thumbs) [acrylian, MarkRH]
1.5.3
General
- Fix serious bug of redirectURL() unintentionally breaking setup on fresh installs [acrylian]
- Extend allowed tags option defaults to include HTML5 elements and some more standard ones. To get these on existing install you need to revert the option to its defaults (copy custom settings before doing that!) [acrylian]
- Internal cURL request function now follows up to 3 redirections [acrylian]
- Fixes wrong supported image type list if using GD library [acrylian]
- Fix missing width/height attributes on images if using custom album thumb sizes [bic-ed]
- Fixes watermarking causing cached images not being created. This was primarily related to upscaling working not well with very small watermark images. Since upscaling images does almost never look good the "allow upscale" option has been removed so that watermarks are never made larger than the actual image is. [acrylian, fretzl, Thanks to ctdlg)
Plugins
- hitcounter: Adds getTotalHitcounter() function [acrylian]
- openstreetmap: LeafletJS and leaftleat-providers script updates [vincent3569]
Themes
- garland, zenpage, zpMobile: Fixes issue with page validity check that broke pagination of favorites [acrylian]
1.5.2
Important
- Sadly 1.5.2 includes a serious bug preventing fresh installs. This issue is fixed by 15.3.
Security
- Fixes XSS issue in the dynamic locale plugin [acrylian - Thanks to bic and special thanks to Andre Krooss for the report]
General
- Fixes SERVER_PROTOCOL constant and related option not reflecting the protocol setting within the config file [acrylian – Thanks to MarkRH]
- lib-imagick: zp_imageDims() and zp_imageIPTC() now use the same standard PHP function getimagesize() as the lib-gd instead of the Imagick class method pingImage(). Tests showed this to have better performance especially when processing hundreds of images via the cacheManager [acrylian]
- New album class methods getNumAllAlbums() and getNumAllImages() added (the older template function getTotalImagesIn() is now deprecated). Other than the existing getNumAlbums() and getNumImages() these now get these numbers for the album itself and all sub albums on all levels [acrylian]
- User data export utiltiy allows results by setting the user name, user email address or both. [acrylian – Thanks to vincent3569]
- New general template functions introduced for search URL's to the current item's owner (Gallery albums and images) or author (Zenpage news articles and pages). Currently they use a search engine URL but this may eventually link to an actual front end owner/author profile page in the future. Official themes have not been setup to use these. You find their documentation within zp-core/template-functions.php file: getOwnerAuthor(), printOwnerAuthor(), getOwnerAuthorURL(), printOwnerAuthorURL(), getUserURL(), printUserURL()
- Fixes PNG24 alpha transparency and GIF transparency with GD library. Note: Alpha transparant watermarks on alpha transparent PNG's do not work properly with GD (yet). [acrylian]
- Calculating 35mmEquivFocalLength more accurately, especially for smaller focal lengths (like mobile phones or action cams) [kochs-online]
- Fixes an issue with paginiation within search mode [wongm|
- lastchanged dates saved for all item types: Add lastchange and lastchangeuser columns to all item database tables (images, albums, administrators, comments, Zenpage categories - articles and pages already had it. lastchange is set with a date Y-m-d H:m:s whever an item is saved/updated. Either by code on core level or via an admin request which then also sets the lastchangeuser to the current admin. [acrylian]
- lastchanged dates saved for all item types: Saving of items on the backend is now only triggered if there are actually changes to save. Formerly we did just re-save regardless [acrylian
- lastchanged dates saved for all item types: New core class methods get/setLastChange() and get/setLastchangeUser() are available for all item types [acrylian]
- Native support for WebP image format added to GD and Imagick. To work properly it requires PHP and the PHP libaries on the server to be compiled with support. You also need a capable browser to display these images. [acrylian]
- New template helper function getFullimageFilesize() plus image class method getFilesize() [acrylian]
- There is now a confirmation dialogue if you try to delete a 3rd party theme on the backend [acrylian - Thanks to vincent3569]
- Fixed that the admintoolbox allowed the creation of new albums on the index/gallery index even if the current user had only rights limited to one or more certain albums [acrylian]
- Fix setup cURL request not properly checking modrewrite [acrylian]
- Fix text truncation via pagebreak and revert some code [bic-ed, acrylian]
- Fix accidentally cleared plugin options after running setup. Cause was a wrong creator set if the option has no default value set via setOptionDefault() and is saved manually on the backend. If you encountered this in the past just manually save the plugin options in question on the backend again [acrylian - Thanks to bic-ed, Vincent3569, kochs-online]
- Languages on the options are marked with icon if there is not matching locale installed on the server. Requires the nativ ResourceBundle PHP class [acrylian]
- HTTP URL requests are now internally redirected to https (and vice versa) if you have the server protocol option set to it and your server does not do it already [acrylian]
- The admintoolbox again allows image editing if in dynamic album context [bic-ed]
- The sorting dropdown selector on the images admin tab within albums has been divided into a sortorder selector and a status selector [acrylian]. Note while you can sort by owner and last change user, results may be a bit confusing if not all images have those values already set. Last change user is only set if there is a last change. The owner may be inherited from the parent album or even parent levels so is not noted in the database itself as well.
New plugins
- redirector: A plugin to redirect internal URL's. Primarily intended for URL's that otherwise would cause 404 not found errors. Configuration via CSV or JSON file [acrylian]
Plugins
- bxslider_thumb_nav, colorbox, slideshow2: Abandon concept of manually enabling scripts on specific theme pages for plugins which often caused confusion among users if things were not working somewhere. Browsers will have to load it anyway at some point and also cache it. [acrlyian]
- cacheManager: Performance improvements for processing really lots of images and albums. Also an option has been introduced to switch between the class image output way (again default) or the newly introduced and actually better cURL way of precaching images. Sadly the cURL way seems not to work properly on all hosts and we couldn't figure out why [acrylian, fretzl - Thanks to tplowe56 for testing]
- cacheManager: CacheManager only global variables have been moved to static class properties just for organizational reasons [acrylian]
- class-video: Re-add somehow lost support for .m4a audio files and completely removes last parts of support for outdated formats like flash and quicktime [acrylian, vincent3569]
- contact_form: Now features a content macro
Documentation
- In 1.5.1 we had just fixed the links to the plugin function documentation from the backend and our site's extension entries. Since a lot of ZP's code consists of procedural functions which are not really organized by code structure like classes or namespaces, we had grouped several files together using the @package/@subpackage tag within docblocks. Sadly newer PHP version of our (local) servers required an update to the doc generator. Now none of these do output documentation grouped by those anymore (although their docs say they can...) so we have no URL for plugins to link to anymore. Therefore we had to completely remove the plugin doc links from the backend for now again.
- We suggest to look into the plugin's files itself as that contains the same documentation. Development IDE's like Netbeans, Eclipse or the like also help a lot in this regard.
- The functions documenation is now organized in subfolders. We generally do keep the last three versions of the documentation online. The current is found at https://docs.zenphoto.org/1.5.2/.
1.5.1
Important
- This is a bugfix and rather minor security release.
Security
- Open URL redirection issue on logging in fixed [acrylian, Thanks to security-provensec for the report]
- Too less strict permissions on clearing log files fixed [acrylian|
- XSS issues with search values [acrylian - Thanks to www.netsparker.com for the report]
- Plugin PHPmailer library updated to 6.0.6. More info: https://github.com/PHPMailer/PHPMailer/releases/tag/v6.0.6
General
- Fixes issues with undefined path constants preventing setup to run correctly on primarily fresh installs [acrylian]
- Setup now recommends PHP cURL and tidy support for some functionality [acrylian, fretzl]
- Setup uses cURL if available to more reliable setup plugin and theme default options [acrylian, fretzl]
- Fixes undefinded default core rewrite constants if the rewrite token defines in the config file are missing completly or partially. As long as using the defaults, they are not required to be set in the config file anymore [acrylian]
- Fixes various issues with (default image size) image cache file names unnecessarily introduced in 1.5. This resulted in non properly generated images and due wrong filename invalidated actually proper cache files. We apologize that this caused some troube for some users with large galleries. [acrylian, fretzl]
- Fixes accidentally included reference in package to already removed Efferscence+ theme due to a forgotten hardcoded reference in the package generator [acrylian]
- Fixes issue that https could not be set via options correctly [acrylian, fretzl]
- Hotfix for 35mm Equivalent Focal Length in exifer library [kochs-online]
- Data privacy policy page option: Shows all unprotected pages now no matter if published or unpublished and also notes nesting level in selector [acrylian]
- Add missing shortenindicator on pagebreak truncated strings [acrylian]
- Image metadata fields now use general db column sizes since some classic EXIF 32 char limits make no real sense anymore: Numbers/time type use varchar(255), string type use mediumtext. The old actual size definition of the definition in $_zp_exifvars is ignored. [acrylian]
- Introduces replaceOption() and replaceThemeOption() functions in case options are renamed and need to be migrated [acrylian]
- Fixes bug with wrong sizes thumbs for multimedia items [acrylian]
- All menu entry (tabs) and utility button URLs defines must be absolute instead of relative now. On certain sublevels or on plugin based ones they could/would/do break otherwise. Any third party plugin defining menu entries or utility buttons should be updated to follow this [acryian, vincent3569, bic-ed, fretzl]
Plugins
- bxslider_thumb_nav: Scripts update to 4.2.1d - themes using it may require CSS adjustments [acrylian]
- cachemanager: Fixes issue with default thumb and sized image sizes not being registered correctly and introduces new option to enable these default sizes. [acrylian]
- cachemanager: Also partly rework of pre-caching backend functionality to work more reliable (requires PHP cURL extension) [acrylian]
- cachemanager: Some functions have been moved to the cacheManager class or have been deprecated. Some naming changed as the cacheManger often referred to "theme cache sizes" although it covered plugins as well [acrylian]
- comment_form: Fixes data privacy note disabling admin e-mail notifications on new comments [acrylian]
- contact_form: Proper linebreaks for privacy agreement sentence in mails sent [acrylian]
- contact_form: Fix small issue on saving if Zenpage is enabeld but pages are not [acrylian]
- contact_form: Fix issue with form being cleard if data privacy statement agreement required and not given [acrylian]
- cookieconsent: Removes several options that were not yet used and restore some accidentally unused [vincent3569, fretzl]
- html_metatags: Fixes Facebook ID [acrylian, Thanks to undagiga]
- jPlayer: Update player scripts to 2.9.2 [acrylian|
- mobileTheme: mobile_detect library updated to 2.8.33 [acrylian]
- openstreetmap: Various script updates to leafletjs and the plugins control MiniMap, leaflet-providers, leaflet markerclusters [vincent3569]
- openstreetmap: New tile layer selector option to allow visitors to switch between different map tile styles [vincent3569]
- phpMailer: phpMailer updated to 6.0.6 - See security section above[fretzl, acrylian]
- rewriteTokens: Works now with missing rewrite token defines in the config file and will re-add defines on saving options [acrylian]
- rss: Prevent invalid rss feeds if there are no item results by providing a placeholder <item> entry [acrylian]
- rss: Album title is now correctly added to the channel title for album feeds [acrylian]
- seo_zenphoto: Fix duplicated hyphens and some wrong special char (German umlauts specifially) conversion [acrylian, thanks to kochs-online|
- sitemap: Fixes usages for outdated method [Simounet]
- slideshow2: cycle2 scripts updated [acrylian]
Themes
- basic: Some CSS cleanup [fretzl|
- Zenpage: Defines the default thumb size for cachemanager plugin correctly [acrylian]