Here is a detailed list of the changes made to the PHP files between 4images 1.7.13 and 1.8.
(The easiest way to compare the files yourself is with WinMerge.)
Open: admin/comments.php
search:
if ($action == "") {
$action = "modifycomments";
}
add after
$orderbyOptions = array(
'i.image_name' => $lang['field_image_name'],
'c.image_id' => $lang['image'] . ' ID',
'c.user_name' => $lang['field_username'],
'c.comment_headline' => $lang['field_headline'],
'c.comment_date' => $lang['field_date'],
);
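Review bot: The new `$orderbyOptions` array carries no comment saying that its keys are the allowlist the later `isset($orderbyOptions[$orderby])` check relies on, so a future edit that adds a key here also widens what the `orderby` request parameter may select. I would add `// Allowlist of sortable columns: keys are the only accepted values for the orderby parameter, values are the form labels.` above it. The query that consumes `$orderby` is outside these snippets; presumably it is placed in an ORDER BY clause, where escaping does not help and a fixed list is the right control. The same comment fits the arrays added in admin/images.php, admin/users.php and admin/validateimages.php.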
search
<select name="orderby">
<option value="i.image_name" selected><?php echo $lang['field_image_name'] ?></option>
<option value="c.image_id" selected><?php echo $lang['image'] ?> ID</option>
<option value="c.user_name"><?php echo $lang['field_username'] ?></option>
<option value="c.comment_headline"><?php echo $lang['field_headline'] ?></option>
<option value="c.comment_date"><?php echo $lang['field_date'] ?></option>
</select>
replace with
<select name="orderby">
<?php foreach ($orderbyOptions as $field => $label): ?>
<option value="<?php echo $field; ?>"><?php echo $label; ?></option>
<?php endforeach; ?>
</select>
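Review bot: `<?php echo $field; ?>` is written into the `value` attribute without escaping, which is safe only while every key is a literal column name. In admin/users.php and admin/validateimages.php the keys come from `get_user_table_field()`, whose return value is not visible here, so `value="<?php echo htmlspecialchars($field, ENT_QUOTES); ?>"` would be the more defensive form in all four loops. The loop also drops the `selected` attribute the old markup carried, so the browser now preselects the first option. In this file the old markup marked both `i.image_name` and `c.image_id` as selected, so the default shown in the form may change.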
search
$orderby = trim($HTTP_POST_VARS['orderby']);
if ($orderby == "") {
$orderby = "i.image_name";
replace with
$orderby = trim($HTTP_POST_VARS['orderby']);
if (!isset($orderbyOptions[$orderby])) {
$orderby = "i.image_name";
}
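Review bot: The search text for this step ends at `$orderby = "i.image_name";` without the closing `}`, while the replacement includes it, so applying the step literally leaves a second `}` in admin/comments.php and a parse error. The matching steps for admin/images.php and admin/users.php include the brace in the search text; this one should end with `}` as well. The surrounding code starts and ends outside the snippet, so compare the result with the 1.8 file after editing.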
search
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$direction = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
}
else {
$direction = "ASC";
}
replace with
$direction = "ASC";
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$requestedDirection = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
if ('DESC' === $requestedDirection) {
$direction = "DESC";
}
}
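Review bot: The comparison `'DESC' === $requestedDirection` is case-sensitive, so a link or form that sends `desc` is silently sorted ascending; whether any caller does is not visible in these snippets. `if ('DESC' === strtoupper($requestedDirection)) {` keeps the result limited to the two literals while accepting either spelling. A one-line comment such as `// Only the literals ASC and DESC may reach the query.` would also record why the request value is no longer passed through. The same block is repeated in admin/images.php, admin/users.php and admin/validateimages.php.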
Open: admin/images.php
search
if ($action == "") {
$action = "modifyimages";
}
add after
$orderbyOptions = array(
'i.image_name' => $lang['field_image_name'],
'i.image_media_file' => $lang['field_image_file'],
'i.image_thumb_file' => $lang['field_thumb_file'],
'i.cat_id' => $lang['field_category'],
'i.image_date' => $lang['field_date'],
'i.image_downloads' => $lang['field_downloads'],
'i.image_rating' => $lang['field_rating'],
'i.image_votes' => $lang['field_votes'],
'i.image_hits' => $lang['field_hits'],
);
search
<select name="orderby">
<option value="i.image_name" selected><?php echo $lang['field_image_name'] ?></option>
<option value="i.image_media_file"><?php echo $lang['field_image_file'] ?></option>
<option value="i.image_thumb_file"><?php echo $lang['field_thumb_file'] ?></option>
<option value="i.cat_id"><?php echo $lang['field_category'] ?></option>
<option value="i.image_date"><?php echo $lang['field_date'] ?></option>
<option value="i.image_downloads"><?php echo $lang['field_downloads'] ?></option>
<option value="i.image_rating"><?php echo $lang['field_rating'] ?></option>
<option value="i.image_votes"><?php echo $lang['field_votes'] ?></option>
<option value="i.image_hits"><?php echo $lang['field_hits'] ?></option>
</select>
replace with
<select name="orderby">
<?php foreach ($orderbyOptions as $field => $label): ?>
<option value="<?php echo $field; ?>"><?php echo $label; ?></option>
<?php endforeach; ?>
</select>
search
$orderby = trim($HTTP_POST_VARS['orderby']);
if ($orderby == "") {
$orderby = "i.image_name";
}
replace with
$orderby = trim($HTTP_POST_VARS['orderby']);
if (!isset($orderbyOptions[$orderby])) {
$orderby = "i.image_name";
}
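Review bot: `$HTTP_POST_VARS['orderby']` is read without an `isset()` check, so a request that omits the field raises an undefined-index notice before the allowlist falls back to the default, and an array value reaches `trim()` as a non-string; any guard would have to be outside this snippet. The admin/validateimages.php step shows the safer shape: start from the default and overwrite it only when the requested value is a key of `$orderbyOptions`. Reading the value as `$requested = (isset($HTTP_POST_VARS['orderby']) && is_string($HTTP_POST_VARS['orderby'])) ? trim($HTTP_POST_VARS['orderby']) : "";` before the check covers both cases. The same read appears in the admin/comments.php and admin/users.php steps.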
search
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$direction = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
}
else {
$direction = "ASC";
}
replace with
$direction = "ASC";
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$requestedDirection = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
if ('DESC' === $requestedDirection) {
$direction = "DESC";
}
}
Open: admin/progress.php
search
<body onload="start_animation()">
replace with
<body onLoad="start_animation()">
Open: admin/users.php
search
if ($action == "") {
$action = "modifyusers";
}
add after
$orderbyOptions = array(
get_user_table_field("", "user_name") => $lang['field_username'],
get_user_table_field("", "user_email") => $lang['field_email'],
get_user_table_field("", "user_joindate") => $lang['field_joindate'],
get_user_table_field("", "user_lastaction") => $lang['field_lastaction'],
);
search
<select name="orderby">
<option value="<?php echo get_user_table_field("", "user_name"); ?>" selected><?php echo $lang['field_username']; ?></option>
<option value="<?php echo get_user_table_field("", "user_email"); ?>"><?php echo $lang['field_email']; ?></option>
<option value="<?php echo get_user_table_field("", "user_joindate"); ?>"><?php echo $lang['field_joindate']; ?></option>
<option value="<?php echo get_user_table_field("", "user_lastaction"); ?>"><?php echo $lang['field_lastaction']; ?></option>
</select>
replace with
<select name="orderby">
<?php foreach ($orderbyOptions as $field => $label): ?>
<option value="<?php echo $field; ?>"><?php echo $label; ?></option>
<?php endforeach; ?>
</select>
search
$orderby = trim($HTTP_POST_VARS['orderby']);
if ($orderby == "") {
$orderby = get_user_table_field("", "user_name");
}
replace with
$orderby = trim($HTTP_POST_VARS['orderby']);
if (!isset($orderbyOptions[$orderby])) {
$orderby = get_user_table_field("", "user_name");
}
search
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$direction = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
}
else {
$direction = "ASC";
}
replace with
$direction = "ASC";
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$requestedDirection = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
if ('DESC' === $requestedDirection) {
$direction = "DESC";
}
}
Open: admin/validateimages.php
search
if (isset($HTTP_GET_VARS['orderby']) || isset($HTTP_POST_VARS['orderby'])) {
$orderby = (isset($HTTP_GET_VARS['orderby'])) ? stripslashes(trim($HTTP_GET_VARS['orderby'])) : stripslashes(trim($HTTP_POST_VARS['orderby']));
}
else {
$orderby = "i.image_date";
}
replace with
$orderbyOptions = array(
'i.image_name' => $lang['field_image_name'],
'i.cat_id' => $lang['field_category'],
'i.image_date' => $lang['field_date'],
get_user_table_field("u.", "user_name") => $lang['field_username']
);
$orderby = "i.image_date";
if (isset($HTTP_GET_VARS['orderby']) || isset($HTTP_POST_VARS['orderby'])) {
$requestedOrderby = (isset($HTTP_GET_VARS['orderby'])) ? stripslashes(trim($HTTP_GET_VARS['orderby'])) : stripslashes(trim($HTTP_POST_VARS['orderby']));
if (isset($orderbyOptions[$requestedOrderby])) {
$orderby = $requestedOrderby;
}
}
search
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$direction = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
}
else {
$direction = "ASC";
}
replace with
$direction = "ASC";
if (isset($HTTP_GET_VARS['direction']) || isset($HTTP_POST_VARS['direction'])) {
$requestedDirection = (isset($HTTP_GET_VARS['direction'])) ? trim($HTTP_GET_VARS['direction']) : trim($HTTP_POST_VARS['direction']);
if ('DESC' === $requestedDirection) {
$direction = "DESC";
}
}
search
<select name="orderby">
<option value="i.image_name" selected><?php echo $lang['field_image_name'] ?></option>
<option value="i.cat_id"><?php echo $lang['field_category'] ?></option>
<option value="i.image_date"><?php echo $lang['field_date'] ?></option>
<option value="<?php echo get_user_table_field("u.", "user_name"); ?>"><?php echo $lang['field_username'] ?></option>
</select>
replace with
<select name="orderby">
<?php foreach ($orderbyOptions as $field => $label): ?>
<option value="<?php echo $field; ?>"><?php echo $label; ?></option>
<?php endforeach; ?>
</select>
Open: includes/constants.php
search
define('SCRIPT_VERSION', '1.7.13');
replace with
define('SCRIPT_VERSION', '1.8');
Open: includes/db_mysql.php
search
function Db($db_host, $db_user, $db_password = "", $db_name = "", $db_pconnect = 0) {
replace with
function __construct($db_host, $db_user, $db_password = "", $db_name = "", $db_pconnect = 0) {
search
$this->error("Could not connect to the database server ($db_host, $db_user).", 1);
replace with
$this->error("Could not connect to the database server (".safe_htmlspecialchars($db_host).", ".safe_htmlspecialchars($db_user).").", 1);
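Review bot: Escaping `$db_host` and `$db_user` fixes the markup problem, but the message still reports the database host and account name to whoever sees the error, and the later steps do the same with the database name and with the full SQL text plus `mysql_error()`. If `error()` prints to the page (its body is not shown here), consider showing visitors a generic message and sending the detail to the server log, for example `error_log("DB connect failed: $db_host, $db_user");`.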
search
$this->error("Could not select database ($db_name).", 1);
replace with
$this->error("Could not select database (".safe_htmlspecialchars($db_name).").", 1);
search
return $this->connection;
}
function escape($value) {
return mysql_real_escape_string($value, $this->connection);
}
replace with
mysql_set_charset('utf8', $this->connection);
return $this->connection;
}
function escape($value) {
return mysql_real_escape_string($value, $this->connection);
}
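Review bot: The return value of `mysql_set_charset('utf8', $this->connection)` is ignored, so a failure leaves the connection on the server default while the pages and `mysql_real_escape_string()` are assumed to work in UTF-8. Checking it, `if (!mysql_set_charset('utf8', $this->connection)) { $this->error("Could not set the connection character set.", 1); }`, makes the mismatch visible. MySQL's `utf8` is the three-byte subset, so four-byte characters are not stored; `utf8mb4` is the full encoding where the server and table definitions support it. The function this line is added to starts outside the snippet.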
search
$this->error("<b>Bad SQL Query</b>: ".htmlentities($query)."<br /><b>".mysql_error()."</b>");
replace with
$this->error("<b>Bad SQL Query</b>: ".safe_htmlspecialchars($query)."<br /><b>".safe_htmlspecialchars(mysql_error())."</b>");
Open: includes/email.php
search
function Email() {
replace with
function __construct() {
search
global $config;
add after
global $lang;
search
return $header;
}
replace with
$header .= "Content-Type: text/plain; charset=" . strtolower($lang['charset']) . "\r\n";
return $header;
}
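Review bot: The added `Content-Type` line declares the charset, but the snippet shows no `MIME-Version: 1.0` or `Content-Transfer-Encoding: 8bit` header, which a UTF-8 body with non-ASCII characters normally needs; the rest of the header builder is outside the snippet, so they may already be set. If they are not, `$header .= "MIME-Version: 1.0\r\nContent-Transfer-Encoding: 8bit\r\n";` next to the new line would complete it. It is also worth confirming that no other `Content-Type` header is appended elsewhere, since two of them give mail clients conflicting instructions.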
Open: includes/page_header.php
search
if ($csrf_protection_enable && $csrf_protection_frontend) {
csrf_start(true);
}
add after
if (!headers_sent()) {
header('Content-Type: text/html;charset=' . $lang['charset'], true);
}
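Review bot: The new block has no comment saying why the charset is sent as an HTTP header, and that reason is the part a later maintainer is most likely to remove by accident. I would add `// Declare the charset in the HTTP header so the browser does not guess the page encoding.` above the `if`. When `headers_sent()` is already true the header is skipped without any trace, so the page then depends on whatever the template declares (not visible here); a debug log line in an `else` branch would make that case detectable.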
Open: includes/paging.php
search
function Paging($page = 1, $perpage = 0, $num_rows_all = 0, $link_args = "") {
replace with
function __construct($page = 1, $perpage = 0, $num_rows_all = 0, $link_args = "") {
Open: includes/sessions.php
search
function Session() {
replace with
function __construct() {
Open: includes/template.php
search
function Template($template_path = "") {
replace with
function __construct($template_path = "") {
Open: includes/upload.php
search
function Upload() {
replace with
function __construct() {
Open: includes/zip.php
search
function Zipfile($level = 9) {
replace with
function __construct($level = 9) {
Open: lang/(deutsch/spanish/english)/main.php
search
$lang['charset'] = "iso-8859-1";
replace with
$lang['charset'] = "UTF-8";