trisweb.com

« archives

January 2007
S	M	T	W	T	F	S
« Dec		Feb »
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

recently

news from around the web

Microsoft is Dead - What do you know, he’s right. Old news, yes, but good to realize.
Kuler - A great color scheme sharing and searching site from Adobe.
Discussion thread from the original iPod announcement. - Just goes to show how much people underestimate the power of good design!
Customer Service - A great article at Joel on Software on why customer service is so important. He’s right!
The Last Question - If you’ve never read this, it’s quite possibly the best sci-fi story ever written. Short and sweet, and so beautiful and true.
How to pour ketchup from a full bottle - Someone showed me this at dinner last night and it really works. I was amazed.
365 Days of Skywatching - A free e-book that shows what you can see in the night sky every day this year.
Wordpress 2.0! - I’ll review it soon. It looks like an improvement so far!
Zenphoto beta - get it while it’s hot!
Mint - Looks like a very well made stats app.

» view all

daily reads

» more links

Important Zenphoto 1.0.7 Release

January 27th 2007

Zenphoto 1.0.7 has been released tonight with one small change — an important security fix for a problem with upwards directory traversal using “..” as the album name. I’ve simply filtered it out (in two places) and it shouldn’t be a problem again. Thanks to nicosomb for reporting this on the forums.

Everyone using any previous version should upgrade as soon as possible, though no need to worry — there’s not much risk from this bug, only the possibility of seeing folder names (and nothing else) in your web site’s directories that are accessible to your user. No files can be opened, nor any applications exploited. But upgrade anyway

4 Responses to “Important Zenphoto 1.0.7 Release”

Randy Commented at 4:44 pm on February 14th 2007

Just to let you know, I’ve taken the text below from my blog.

“The last couple of days I’ve been real busy with collecting and categorising new photos that will come online when the new Photogallery does. I’ve already searched the Internet for some good photogallery scripts and it’s almost for sure that I’ll go with ZenPhoto because this one looks very nice and clean and is very simple to use. I’m only waiting till they get out of beta testing so that some popular awaited features (like subalbums and spam protection on the comments) are added and the chance on errors will be smaller. I hope they will be done with this soon so that I can start using it and finally can get rid of the cluttered Coppermine Photogallery.”

Any word yet on the “out-of-beta” version of Zenphoto?

Keep up the good work! I love this little piece of software.
Wouter Commented at 2:54 am on February 24th 2007

I Just Love Zenphoto and U keeping it alive!

Keep up the fine work mate!
amin Commented at 10:57 pm on September 9th 2007

I have a problem with i.php. Because my php GD library version is 1.6. So the thumbnail generaot is fail for generate the thnumbnail. Could you advise what to do? At least I want to subtitute it with an icon
Tristan Commented at 10:59 pm on September 9th 2007

amin - please use the support forums available at http://www.zenphoto.org/support for questions, you’ll get more help there.

All I can say is Zenphoto requires GD version 2 and a recent version of PHP to function properly.

Even if you fix the thumbnails, the rest of the images will not work. Please contact your host and ask them to upgrade to more modern software.

summer 2004