Happy New Year Jan 01, 2012
The Zenphoto team would like to thank all who contributed and helped last year. Now on to Zenphoto's "seventh-year itch"!
front_end_edit Dec 30, 2011
Provides front-end editing capability that has been removed from Zenphoto 1.4.2 for security reasons.
This plugin does not support editing tags.
Note: this is plugin not secure! It is vulnerable to cross site reference forgeries (as was the feature in Zenphoto that it replaces.) We do not recommend using this plugin. It is provided solely for those who cannot wean themselves from front-end editing.
Zenphoto 1.4.2 RC2 Dec 30, 2011
Zenphoto 1.4.2 RC1 Dec 17, 2011
Zenphoto.org is now running 1.4.2 Dec 10, 2011
We are pleased to announce that we have upgraded the Zenphoto site to the Beta of the 1.4.2 release. We believe the release is now stable (or we would not run our site on it.) I would expect shortly that we will generate our first release candidate for Zenphoto 1.4.2.
Please give 1.4.2 a try.
Ajax Filemanager returns Dec 05, 2011
We are pleased to announce that we have an updated version of Ajax Filemanager which has all known security holes plugged. We are releasing this version with the 1.4.2 Zenphoto release and it is currently available in the Beta of that release.
We understand that some people will be reluctant to use this plugin owing to the recent hacks of Zenphoto sites. For this reason, Ajax Filemanager is now a plugin and is disabled by default. If you wish to use the Filemanager functionality go to the plugins tab and enable the Ajax Filemanager plugin.
Please note that the code we have released HAS BEEN MODIFIED to close these security holes. We are still waiting for updates from the developer. Until such time as these are available and activated by default the developer released versions of Ajax Filemanager should not be considered secure. As released they are subject to direct access (bypassing Zenphoto security), and Cross Site Reference Forgeries. DO (...)
albumZipStream Nov 15, 2011
A plugin that is able to create zip-files on the fly while streaming them. Other than that the functionality is the same as Zenphoto's album-zip.
Zenphoto 126.96.36.199 Nov 11, 2011
This is a security update to the issues reported and the only change to Zenphoto 188.8.131.52 is the removal of the 3rd party Ajax File Manager tool as already discussed. Info about that here:
We urge anyone to upgrade. Download as always on our download page. If you access the file manager sub tab on the backend tab you will get a 404 not found. That is meant to happen.
This is a hotfix. The nightly builds have the file manage removed as well but are 1.4.2 beta already as the 1.4.1.x stream was actually considered closed (as announced already). Therefore there is no and wil be no tag for 184.108.40.206 in any svn stream.
Again, we are very sorry this all was possible. Thanks all for your support (...)