Zenphoto

This is a minor bugfix release. 

General

• Follow-up fixes regarding the new dirty form check on the backend [fretzl]
• Some fixes regarding PHP 7 compatibility [fretzl]
• New parameter $printHomeURL added to printGalleryIndexURL() function to hide the home-link if desired [fretzl - thanks to vincent3569]
  
• Fix getParentBreadcrumb() where toplevel parent returned wrong page number[acrylian, fretzl]

Themes

• Fix issue with gallery page number in Garland theme [fretzl]
• Fix issue with Custom Homepage option in Garland theme [fretzl]

Plugins

• Fix themeSwitcher plugin to work with new admintoolbox layout [acrylian]
• Better layout of the site_upgrade plugin placeholder page and finaly got rid of the ugly placeholder image whose usage wasn't clear as (...)

Read more

In case you haven't heard about there were some serious vulnerabilites in ImageMagick discovered:

There are multiple vulnerabilities in ImageMagick, a package commonly used by web services to process images. One of the vulnerabilities can lead to remote code execution (RCE) if you process user submitted images. The exploit for this vulnerability is being used in the wild.

A number of image processing plugins depend on the ImageMagick library, including, but not limited to, PHP’s imagick, Ruby’s rmagick and paperclip, and nodejs’s imagemagick.
Source: https://imagetragick.com

Since Zenphoto may use PHP Imagick for image processing you might be affected as well especially if you let third parties upload images to your site.

Since this a server side extension there is nothing we can do. If you have (...)

Read more

This is a bugfix and minor security release.

General

• Fixes a RFI and – on older PHP versions – possible LFI security issues on log downloads on the backend [acrylian - Thanks to Tim Coen/Curesec]
• Zenphoto now consequently generates urls with a trailing slash. That is basically any url except for the single image page which normally uses a suffix. The .htaccess file includes new lines to always direct to the trailing slash url to avoid duplicated content because url's without it will still work. If you are not on an Apache server (like Nginx) that does not support htaccess your might need to setup something on your server yourself [acrylian - Thanks to Simounet for the htaccess addition]
• The admin toolbox you get on your site frontend in the top right corner if loggedin has been modified to a fullwidth toolbar now. The reason is that especially on mobile themes/ (...)

Read more

Olivier Ffrench has released an update of his responsive theme and also modified the look a bit. Take a look at the screenshots below or see the theme in action on his website.

Genesis Farm And Gardens

 

Lorien Beijaert

 

The (...)

Read more

The plugin has been updated and moved to https://www.zenphoto.org/news/zenphoto-json-rest-api/ 

Confluent

 

Florida Public Archaeology Network – Destination: Civil War

 

(...)

Read more

The WordPress plugin "ZenphotoPress" by Alessandro Morandi (Simbul) to embed images from Zenphoto into WordPress posts had been abandoned for some years.

It now has been revived by mrskhris and just got it first update. You find it as usual on the WordPress plugin repository: https://wordpress.org/plugins/zenphotopress/

Wishing everyone a very happy holiday season and a new year full of good luck and happiness (and beautiful photos) for you and your loved ones. 

—The Zenphoto Team

P.S. – Keep watching this space! 2016 is going to be a good year for Zenphoto.