Zenphoto 1.4.12 March 14, 2016

This is a bugfix and minor security release.

General

• Fixes a RFI and – on older PHP versions – possible LFI security issues on log downloads on the backend [acrylian - Thanks to Tim Coen/Curesec]
• Zenphoto now consequently generates urls with a trailing slash. That is basically any url except for the single image page which normally uses a suffix. The .htaccess file includes new lines to always direct to the trailing slash url to avoid duplicated content because url's without it will still work. If you are not on an Apache server (like Nginx) that does not support htaccess your might need to setup something on your server yourself [acrylian - Thanks to Simounet for the htaccess addition]
• The admin toolbox you get on your site frontend in the top right corner if loggedin has been modified to a fullwidth toolbar now. The reason is that especially on mobile themes/ small viewport sizes the old button may cover and therefore disables the actual site menu in that corner. For this reason the toolbox now pushes the <body> down so no overlapping should occur. Also the list entries have been made bigger so it is more suitable for touch device usage.
  In case it still conflicts with your custom theme you may need to setup it to support the toolbox properly by overriding the styles via your theme's CSS. Or alternatively you can remove the toolbox via the theme_body_close filter. [acrylian]
• Fix Imagick rendering of .bmp and .tiff files [fretzl]
• Fixes full-image access with hotlinking if non standard HTTP ports are used [ludgerh]
• Fixes setup with custom session path handlers like Redis (follow up fix to 1.4.10) [acrylian]
• Fixes a general issue that prevented some plugins like downloadList to work correctly if the static_html_cache was enabled [acrylian]
• Minor bugfix in printPagelistWithNav() [IliyanGochev]
• Album breadcrumbs now returns to the page the album is on for sub albums, too [acrylian]
• We got frequent reports that our form change check script jquery.are-you-sure triggered often unwanted. Although we couldn't reproduce most issues ourselves we decided to switch to jquery.dirtyforms now. It is the other "major" script for this task and also more current and actively developed [acrylian, fretzl]

Plugins

• Zenpage: 
  • printNestedMenu() plus printPageMenu() and printAllNewsCategories() using it internally now have always default ids/classes attached if none are set respectively not set to null [acrylian]:  
    • main id: menu_pages or menu_categories
    • top level active class: menu_topactive
    • sub list class: submenu
    • sub level active class: menu_active
    • Additionally the link element of entries that are protected have the class has_password attached. 
  • printZenpageItemsBreadcrumb() incorporates the news index url now so you return to the right page number from single article pages. Minor theme change require: You have to remove printNewsIndexURL() from news.php and pages.php. Otherwise you will get a double "news" in the breadcrumb. [acrylian]
• static_html_cache: Album and images pages in search results are now handled correctly [acrylian]
• html_meta_tags: Abandons individual open graph options for a general one as most are required anyway. You might need to reset the option if you wish to use these [acrylian]
• print_album_menu: The list variant now has always default ids/classes attached if none are set respectively not set to null [acrylian]: 
  • main id: menu_albums
  • top level active class: menu_topactive
  • sub list class: submenu
  • sub level active class: menu_active
  • Additionally, the link element of entries that are protected have the class has_password attached. 
• uploader_http: Fixes unwanted changes of publish status if uploading images [fretzl, acrylian]
• GoogleMap: cacheManager support for marker overlay thumbs added to workaround conflicts with the static_html_cache plugin [acrylian, fretzl]
• tinymce4: Update to TinyMCE 4.3.3
• elFinder: Update to elFinder 2.1.6
• dynamic_locale: Some fixes for subdomain usage and with seo_locale [reine-k adapted from a fix by sbillard]

 Translations

• Danish [jesdnissen]
• Dutch [fretzl]
• French [Michel Gagnon]
• German [acrylian]
• Italian [bic]
• Japanese [momo-i|
• Slovak [tangorn]