Zenphoto 1.4.12 Mar 14, 2016
This is a bugfix and minor security release.
- Fixes a RFI and – on older PHP versions – possible LFI security issues on log downloads on the backend [acrylian - Thanks to Tim Coen/Curesec]
- Zenphoto now consequently generates urls with a trailing slash. That is basically any url except for the single image page which normally uses a suffix. The .htaccess file includes new lines to always direct to the trailing slash url to avoid duplicated content because url's without it will still work. If you are not on an Apache server (like Nginx) that does not support htaccess your might need to setup something on your server yourself [acrylian - Thanks to Simounet for the htaccess addition]
- The admin toolbox you get on your site frontend in the top right corner if loggedin has been modified to a fullwidth toolbar now. The reason is that especially on mobile themes/ (...)