4.1.5

admin/fieldgroups.php

@@ -56,10 +56,14 @@ public function __construct()
 
     protected function _gridRead($params)
     {
-        return (isset($params['get']) && 'tabs' == $params['get'])
-            ? $this->_iaDb->onefield('name',
-                "`item` = '{$params['item']}' AND `name` != '{$params['name']}' AND `tabview` = 1")
-            : parent::_gridRead($params);
+        if (1 == count($this->_iaCore->requestPath) && 'tabs' == $this->_iaCore->requestPath[0]) {
+            $where = '`item` = :item AND `name` != :name AND `tabview` = 1';
+            $this->_iaDb->bind($where, $params);
+
+            return $this->_iaDb->onefield('name', $where);
+        }
+
+        return parent::_gridRead($params);
     }
 
     protected function _gridQuery($columns, $where, $order, $start, $limit)

admin/fields.php

@@ -201,7 +201,7 @@ protected function _preSaveEntry(array &$entry, array $data, $action)
         $this->_values = null;
 
         $entry['name'] = iaSanitize::alias($data['name']);
-        $entry['item'] = $data['item'];
+        $entry['item'] = iaSanitize::paranoid($data['item']);
         $entry['type'] = $data['type'];
         $entry['empty_field'] = $data['empty_field'];
         $entry['relation'] = $data['relation'];

admin/pages.php

@@ -311,6 +311,8 @@ protected function _assignValues(&$iaView, array &$entryData)
         $parentPage = $this->getHelper()->getByName($entryData['parent'], false);
         $groups = $this->getHelper()->getGroups([$this->_iaCore->get('home_page'), $entryData['name']]);
         $isHomepage = ($this->_iaCore->get('home_page', iaView::DEFAULT_HOMEPAGE) == $entryData['name']);
+        $homePageTitle = $this->_iaDb->one_bind('value', '`key` = :key AND `category` = :category',
+            ['key' => 'page_title_' . $this->_iaCore->get('home_page'), 'category' => iaLanguage::CATEGORY_PAGE], iaLanguage::getTable());
 
         list($title, $content, $metaDescription, $metaKeywords) = $this->_loadMultilingualData($entryData['name']);
 
@@ -320,6 +322,7 @@ protected function _assignValues(&$iaView, array &$entryData)
         $iaView->assign('metaKeywords', $metaKeywords);
 
         $iaView->assign('isHomePage', $isHomepage);
+        $iaView->assign('homePageTitle', $homePageTitle);
         $iaView->assign('extensions', $this->getHelper()->extendedExtensions);
         $iaView->assign('menus', $this->_getMenus());
         $iaView->assign('pages', $this->getHelper()->getNonServicePages(['index']));

admin/permissions.php

@@ -74,6 +74,11 @@ private function _getSettings()
     }
 
     protected function _gridRead($params)
+    {
+        return iaVIew::errorPage(iaView::ERROR_NOT_FOUND);
+    }
+
+    protected function _gridUpdate($params)
     {
         $output = ['result' => false, 'message' => iaLanguage::get('invalid_parameters')];
         $settings = $this->_getSettings();

admin/templates/default/field-type-content-manage.tpl

@@ -203,7 +203,7 @@ $(function($)
                                     <input type="text" name="{$fieldName}[{$i}][title]" value="{$entry.title|escape}" id="{$fieldName}_{$entry@index}">
 
                                     <span class="input-group-btn">
-                                        <a class="btn btn-success uploads-list-item__img" href="{$core.page.nonProtocolUrl}uploads/{$entry.path}{$entry.file}" title="{$entry.title|escape}"><i class="i-box-add"></i></a>
+                                        <a class="btn btn-success uploads-list-item__img" href="{$core.page.nonProtocolUrl}uploads/{$entry.path}{$entry.file}" title="{$entry.title|escape}" download><i class="i-box-add"></i></a>
                                         <a class="btn btn-danger js-cmd-delete-file" href="#" title="{lang key='delete'}" data-file="{$entry.file}" data-item="{$field.item}" data-field="{$field.name}" data-id="{$id}"><span class="fa fa-remove"></span></a>
                                         <span class="btn btn-default uploads-list-item__drag-handle"><span class="fa fa-reorder"></span></span>
                                     </span>

admin/templates/default/less/components/cards.less

@@ -122,10 +122,6 @@
         border-radius: 50%;
         border: 1px solid #f0f0f0;
       }
-
-      @media (min-width: 992px) and (max-width: 1280px) {
-        display: none;
-      }
     }
 
     &__body {

admin/templates/default/pages.tpl

@@ -108,7 +108,7 @@
                         <div class="alert alert-info">{lang key='already_home_page'}</div>
                     {else}
                         {html_radio_switcher value=$isHomePage name='home_page'}
-                        <p class="help-block">{lang key='current_home_page'}: <span class="text-danger">{lang key="page_title_{$core.config.home_page}"}</span></p>
+                        <p class="help-block">{lang key='current_home_page'}: <span class="text-danger">{$homePageTitle}</span></p>
                     {/if}
                 </div>
             </div>

changelog.txt

@@ -832,11 +832,28 @@
     - Bug #431: Items created by plugins don't have all features
     - Bug #435: The date is show incorrect
     - Bug #436: Hybrid Auth not working properly
+    - Bug #440: Incorrect working of mail signature
     - Bug #442: HybridAuth: Facebook login doesn't work
     - Bug #443: Post payment routine executed twice if paid by internal system funds
     - Bug #444: Primary language value is lost
+    - Bug #451: Images are not uploaded if watermark is enabled
+    - Bug #452: Text watermarks doesn't work
+    - Bug #455: Unable to set a package as default
     + Feature #360: Improve modules section
     + Feature #365: Provide more info when creating language
     + Feature #423: Add orientation fix for images with EXIF data
     + Feature #434: Remove item from favorites when deleted
-    + Feature #438: Change column type for text fields
+    + Feature #438: Change column type for text fields
+
+>> From 4.1.4 to 4.1.5 <<
+
+    - Bug #422: Values of tree field are not translated
+    - Bug #458: Detect SSL without port
+    - Bug #459: Filter in grid is shared accross several grids
+    - Bug #460: Inconsistent page name in pages mgmt
+    - Bug #461: Sitemap is deleted during cache clear
+    - Bug #462: Permissions issue
+    + Feature #344: Introduce more hooks
+    + Feature #466: Add config: allow animated gifs
+    + Feature #468: Properly escape HTML in debug output
+

includes/classes/ia.admin.module.php

@@ -1662,7 +1662,7 @@ public function _parserData($parser, $text)
             case 'block':
                 if ($this->_checkPath('blocks')) {
                     $filename = $this->_attr('filename');
-                    if ($filename && 'smarty' == $this->_attr('type')) {
+                    if ($this->itemData['type'] != self::TYPE_TEMPLATE && $filename && 'smarty' == $this->_attr('type')) {
                         $filename = sprintf(self::BLOCK_FILENAME_PATTERN, $this->itemData['name'], $filename);
                     }
 

includes/classes/ia.admin.sitemap.php

@@ -115,7 +115,7 @@ protected function _getUrls($setType)
                 $modulesList = $this->iaDb->keyvalue(['name', 'type'], iaDb::convertIds(iaCore::STATUS_ACTIVE, 'status'), $iaItem::getModulesTable());
                 $homePageName = $this->iaCore->get('home_page');
 
-                $stmt = '`nofollow` = 0 AND `service` = 0 AND `status` = :status AND `passw` = :password ORDER BY `order`';
+                $stmt = '`nofollow` = 0 && `service` = 0 && `status` = :status && `passw` = :password ORDER BY `order`';
                 $this->iaDb->bind($stmt, ['status' => iaCore::STATUS_ACTIVE, 'password' => '']);
 
                 $pages = $this->iaDb->all(['name', 'alias', 'custom_url', 'module'], $stmt, null, null, 'pages');

includes/classes/ia.base.module.front.php

@@ -260,6 +260,8 @@ protected function _processValues(&$rows, $singleRow = false, $fieldNames = [])
                     }
                 }
 
+                // mandatory keys
+                $row['item'] = $this->getItemName();
                 $row['link'] = $this->url('view', $row);
             }
         }

includes/classes/ia.core.field.php

@@ -162,7 +162,6 @@ protected function _fetchVisibleFieldsForPage($pageName, $itemName, $where)
 	FROM `:prefix:table_fields` f 
 LEFT JOIN `:prefix:table_pages` fp ON (fp.`field_id` = f.`id`) 
 WHERE fp.`page_name` = ':page' 
-	AND f.`status` = ':status' 
 	AND f.`item` = ':item' 
 	AND f.`adminonly` = 0 
 	AND :where 
@@ -174,7 +173,6 @@ protected function _fetchVisibleFieldsForPage($pageName, $itemName, $where)
             'table_fields' => self::getTable(),
             'table_pages' => self::getTablePages(),
             'page' => $pageName,
-            'status' => iaCore::STATUS_ACTIVE,
             'item' => $itemName,
             'where' => $where
         ]);
@@ -222,6 +220,11 @@ public function filter($itemName, array &$itemData, $pageName = null, $where = n
             foreach ($result as $field) {
                 $fieldName = $field['name'];
 
+                if (iaCore::STATUS_ACTIVE != $field['status'] && isset($itemData[$fieldName])) {
+                    unset($itemData[$fieldName]);
+                    continue;
+                }
+
                 // assign a default value if field is assigned to plan and item has no active 'sponsored' flag
                 if ($field['for_plan'] &&
                     (!isset($planFields) || (isset($planFields) && !in_array($fieldName, $planFields)))) {
@@ -297,9 +300,10 @@ protected static function _unpackValues(array &$fields)
                     break;
 
                 case self::TREE:
-                    $values = json_decode($field['values'], true);
-                    foreach ($values as &$v) {
-                        $v['text'] = self::getLanguageValue($field['item'], $field['name'], $v['id']);
+                    if ($values = json_decode($field['values'], true)) {
+                        foreach ($values as &$v) {
+                            $v['text'] = self::getLanguageValue($field['item'], $field['name'], $v['id']);
+                        }
                     }
 
                     $field['values'] = json_encode($values);

includes/classes/ia.core.mailer.php

@@ -36,6 +36,9 @@ class iaMailer extends PHPMailer
 
     protected $_defaultSignature;
 
+    protected $_templateName;
+    protected $_recipients = [];
+
 
     /**
      * Class initializer
@@ -121,6 +124,17 @@ public function setReplacements()
         }
     }
 
+    public function addAddress($address, $name = '')
+    {
+        if (parent::addAddress($address, $name)) {
+            $this->_recipients[$address] = $name;
+
+            return true;
+        }
+
+        return false;
+    }
+
     /**
      * Apply replacements in email Subject & Body
      */
@@ -142,6 +156,8 @@ public function loadTemplate($name)
 
         $options = json_decode($this->_iaCore->iaDb->one('options', iaDb::convertIds($name, 'name'), iaCore::getConfigTable()));
         $this->_defaultSignature = empty($options->signature);
+
+        $this->_templateName = $name;
     }
 
     /**
@@ -200,10 +216,11 @@ public function send($toAdmins = false)
         }
         $this->_applyReplacements();
         $this->_setBcc();
+        $this->_callHook('phpEmailToBeSent', $toAdmins);
 
-        $result = (bool)parent::send();
-
-        if (!$result) {
+        if ($result = (bool)parent::send()) {
+            $this->_callHook('phpEmailSent', $toAdmins);
+        } else {
             iaDebug::debug($this->ErrorInfo, 'Email submission');
         }
 
@@ -221,4 +238,16 @@ public function getError()
     {
         return $this->ErrorInfo;
     }
+
+    protected function _callHook($name, $toAdmins)
+    {
+        $params = [
+            'template' => $this->_templateName,
+            'subject' => $this->Subject,
+            'body' => $this->Body,
+            'recipients' => $this->_recipients
+        ];
+
+        $this->_iaCore->startHook($name . ($toAdmins ? 'ToAdministrators' : ''), $params);
+    }
 }

includes/classes/ia.core.mysqli.php

@@ -791,20 +791,19 @@ protected function _wrapValues($values, $rawValues)
 
         if (is_array($values)) {
             foreach ($values as $columnName => $value) {
-                $pattern = "`%s` = '%s'";
+                $pattern = '`%s` = %s';
 
                 switch (true) { // an order of statements is important!
                     case is_bool($value):
-                        $pattern = '`%s` = %s';
                         $value = $value ? 1 : 0;
                         break;
-                    case is_null($value):
-                        $pattern = '`%s` = %s';
-                        $value = 'NULL';
-                        break;
                     case is_scalar($value):
+                        $pattern = "`%s` = '%s'";
                         $value = iaSanitize::sql($value);
                         break;
+                    case is_null($value):
+                        $value = 'NULL';
+                        break;
                     default: // arrays, objects & resources are now actually ignored
                         continue;
                 }

includes/classes/ia.core.picture.php

@@ -39,8 +39,6 @@ class iaPicture extends abstractCore
         'image/png' => 'png'
     ];
 
-    protected $_allowAnimatedGifs = false;
-
 
     public function getSupportedImageTypes()
     {
@@ -105,7 +103,7 @@ protected function _processAnimatedGif($sourceFile, $destinationFile, $width, $h
     {
         require_once IA_INCLUDES . 'PHPImageWorkshop/Core/GifFrameExtractor.php';
 
-        if (GifFrameExtractor\GifFrameExtractor::isAnimatedGif($sourceFile) && $this->_allowAnimatedGifs) {
+        if (GifFrameExtractor\GifFrameExtractor::isAnimatedGif($sourceFile) && $this->iaCore->get('allow_animated_gifs')) {
             // Extractions of the GIF frames and their durations
             $gfe = new GifFrameExtractor\GifFrameExtractor();
 
@@ -138,7 +136,7 @@ public function process($sourceFile, $destinationFile, $mimeType, $width, $heigh
         try {
             // check this is an animated GIF
             if ('image/gif' == $mimeType) {
-                return $this->_processAnimatedGif($sourceFile, $destinationFile, $width, $height, $applyWatermark);
+                $this->_processAnimatedGif($sourceFile, $destinationFile, $width, $height, $applyWatermark);
             }
 
             $image = ImageWorkshop::initFromPath($sourceFile, true);

includes/classes/ia.core.transaction.php

@@ -285,12 +285,12 @@ public function getDashboardStatistics()
             isset($rows[$status]) || $rows[$status] = 0;
         }
 
-        $total = $this->iaDb->one_bind('ROUND(SUM(`amount`)) `total`', "`status` = :status && (`item` = 'funds' || (`item` != 'funds' && `gateway` != 'funds'))", ['status' => self::PASSED]);
-        $total || $total = 0;
+        $total = (int)$this->iaDb->one_bind('ROUND(SUM(`amount`)) `total`',
+            "`status` = :status && (`item` != :funds || (`item` = :funds && `gateway` != ''))",
+            ['status' => self::PASSED, 'funds' => 'funds']);
 
         $this->iaDb->resetTable();
 
-
         return [
             '_format' => 'medium',
             'data' => ['array' => implode(',', $data)],

includes/classes/ia.core.util.php

@@ -99,6 +99,7 @@ public static function safeHTML($string)
         $config->set('Attr.AllowedRel', 'facebox,nofollow,print,ia_lightbox');
 
         // allow YouTube and Vimeo
+        $config->set('HTML.AllowedElements', array('iframe'));
         $config->set('HTML.SafeIframe', true);
         $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/|www\.google\.com/maps/embed\?)%');
 
@@ -366,7 +367,7 @@ public static function cascadeDeleteFiles($directory, $removeDirectories = true)
             $handle = opendir($directory);
 
             while ($item = readdir($handle)) {
-                if ($item != '.' && $item != '..' && $item != '.htaccess') {
+                if (!in_array($item, ['.', '..', '.htaccess', 'sitemap.xml'])) {
                     $path = $directory . IA_DS . $item;
                     is_dir($path) ? self::cascadeDeleteFiles($path, true) : self::deleteFile($path);
                 }