Coppermine Photo Gallery v1.5.x: Documentation and Manual

Inhoudstafel
No translation available

Upgrading

Please note: as there have been changes both in the coppermine files and the database from previous versions to cpg1.5.x, users of older versions than cpg1.5.0 will have to apply all steps mentioned below: both the files have to be replaced and the update.php script has to be run once.

Why upgrade?

There are major and minor releases of Coppermine. Major releases have so far been cpg1.0, cpg1.1, cpg1.2.x, cpg1.3.x, cpg1.4.x and cpg1.5.x. The next major release will be cpg1.6.x (which currently is in the dev pipeline - no scheduled release date yet) - you're just reading the docs for cpg1.5.x. Minor releases (the third number in the version numbering scheme) represent updates, also known as "maintenance releases". Major releases contain new features (compared to the previous major release), minor releases do not contain new features, but only bug fixes and slight improvements (like additional language files).

To understand the release policy of the coppermine dev team you have to understand how bugs are being fixed: we maintain a repository where the core code of each major release is being constantly being improved. Major and minor bugs that are reported on the coppermine support board are being fixed in that repository. Once a new package is being bundled, all fixes that have been made in that repository go into the new maintenance release.

There is a good reason for every new maintenance release: they are usually being packaged when a new bug or vulnerability is being discovered that is relevant in terms of security. As suggested above, there are several minor bugfixes that go into each new release as well, not only the one major bug or vulnerability that lead to the maintenance release. Therefore, it will not be enough to just fix the single vulnerability that has been the initial reason for a new package to be released. Instead, always upgrade to the most recent stable release as soon as it has been announced.

Reasons for package releases

This is a list of minor releases of cpg1.5.x and the reason why they have been released. It is meant to explain why you should upgrade as soon as possible to the most recent stable release if you are running an outdated version.

Details
Package Reason for release Release Date
cpg1.5.20
  • Security release (stable)
  • Announcement thread
  • Disabled possibility to move albums to root level of user category (thread)
  • Fixed broken IP address lookup (thread)
  • Fixed email validation for registration process (thread)
  • Updated Serbian language file (user contribution)
  • Changed status in credits section to 'retired'
  • Updated Italian language file (user contribution)
  • Re-added 'search by owner name' checkbox to search form (thread, thread)
  • New feature: display only the uploaded files from the last queue after flash upload (thread)
  • Fixed behavior of "Show first level album thumbnails in categories" setting (thread)
  • Added plugin hook 'theme_album_params'
  • Fixed quota bar in user manager for secondary group memberships (thread)
  • Display default groups "Administrators" and "Registered" on modify user page (thread)
  • Moved code from usermgr.php to function 'cpg_get_groups'
  • Added Opera compatibility for rounded corners to theme 'curve' (thread)
  • Fixed error message at "Edit file information" form (thread)
  • Updated EXIF library (thread)
  • Fixed clickable keywords in file information box at intermediate view (thread)
  • Fixed search results when searching for specific characters (thread)
  • Fixed error message when activating more than one user in the user manager (thread)
  • Fixed different gallery behavior for register_globals on/off setting (thread)
2012-03-29
cpg1.5.18
  • Security release (stable)
  • Announcement thread
  • Added plugin hook 'upload_file_name'
  • Add default values on 'onlinestats' installation to avoid weird dates right after plugin installation (thread)
  • Updated Arabic language file (user contribution)
  • Fixed simple upload process when users can just upload to their personal gallery (thread)
  • Added upload button after each album name in album manager
  • Added anchors on plugin manager
  • Fixed infinite loop for delayed cookie issue workaround (thread)
  • Disallow dots in cookie name (thread)
  • Fixed issue with very big 'Max size for uploaded files' values (thread)
  • Fixed album thumbnails for public albums in 'My gallery' view for regular users
  • Fixed clickable keywords with spaces (thread)
  • Fixed critical error for 'lasthits' meta album (thread)
  • Fixed misleading error message when uploading files that exceed the file size limit with the simple upload form (thread)
  • Added hidden feature "Create sub-directory named according to the album ID in users' upload directories during HTTP upload"
  • Use selected album thumbnail for 'lastup' meta album (thread)
  • Create user album in personal gallery when user is created via the user manager (thread)
  • Added captcha for ecards feature (thread)
  • Fixed a potential path disclosure vulnerability in core plugin configuration files
  • Updated date/time formats in English (British) language file (thread)
  • Updated header information to reflect new year
2012-01-10
cpg1.5.16
  • Security release (stable)
  • Announcement thread
  • Fixed 'delete all comments' function in album properties
  • Fixed issue with registration process if both email verification and admin activation are enabled
  • Added plugin hook 'register_form_validate'
  • Fixed display of non-image files when 'Go directly from thumbnail to full-sized image' is enabled in config (thread)
  • Also send activation confirmation email if the user has been activated via the user manager (thread)
2011-09-01
cpg1.5.14
  • Maintenance release (stable)
  • Announcement thread
  • Fixed username in activation mail (thread)
  • Fixed version number displayed on the index page in the doc
  • Added Norwegian language file (user contribution)
  • Fixed album thumbnail for keyword albums without physical files when link_pic_count is disabled (thread)
  • Use the intermediate picture 'use dimension' setting when resizing full-sized pictures during the upload process
  • Fixed spelling of 'email' in German language files
  • Fixed validation of ImageMagick path in config
  • Added missing jump label 'top_display_media' to theme 'eyeball' (thread)
  • Fixed PHP notices 'Undefined variable' and 'Use of undefined constant' during install step 2 (thread)
  • Fixed some missing icons in help pages (thread)
  • Fixed detection of intermediate-sized pictures when renaming files (thread)
  • Added Serbian language file (user contribution)
  • Fixed embedding of SWF files (thread)
  • Fixed safe_mode check when sending emails
  • Fixed selection of gallery icon for user categories (thread)
  • Fixed display of random album thumbnail in sub-category if album keyword is set (thread)
  • Updated Turkish language file (user contribution)
  • Fixed user manager issue (thread)
  • Fixed several keywords issues (issues with ampersands and spaces, leftover keyword separators) (thread)
  • Fixed valid token issue during logout (thread)
  • Display exact character encoding in config (thread)
  • Fixed permission issue if admin tries to create a personal album (thread)
  • Fixed batch-add issue if no file is selected (thread)
  • Fixed visibility issue when setting an album password with IE (thread)
  • Fixed admin tools format in eyeball theme (thread)
  • Fixed thumbnail pages dropdown list on album list (thread)
  • Adjusted part of documentation to reflect cpg1.5.x code change (thread)
  • Fixed critical error message for meta album 'lastalb' if thumbnail image doesn't exist (thread)
  • Fixed first level album thumbnails if thumbnail image doesn't exist
  • Moved memberlist button to home menu drop-down for theme 'curve' (thread)
  • Added workaround for delayed cookie issue during login (thread)
2011-08-01
cpg1.5.12
  • Security release (stable)
  • Announcement thread
  • Fixed film strip issue (thread)
  • Fixed indent for subcategories (thread)
  • Fixed function 'utf_replace' (thread)
  • Updated Portuguese language file (user contribution)
  • Fixed custom thumbnail for files with uppercase extension (thread)
  • Fixed memberlist issue when database name contains a dash (thread)
  • Fixed colspan for guest comments when captcha is enabled (thread)
  • Fixed PHP session name for captcha (thread)
  • Fixed playback of Windows Media Player videos (thread)
  • Fixed XSS issues (thread)
2011-01-02
cpg1.5.10
  • Maintenance release (stable)
  • Announcement thread
  • Fixed default page when comments are sorted in descending order (thread)
  • Fixed issue with plugin usergal_alphatabs when bridged (thread)
  • Added charsetmgr.php to the delete files array (thread)
  • Fixed admin email address validation (thread)
  • Corrected French lang file to fix the non showing dropdown in the user manager (thread)
  • Fixed search feature in the keyword manager (thread)
  • Added partial Swedish language file (user contribution)
  • Added Italian language file (user contribution)
  • Added Icelandic language file (user contribution)
  • Added language fallback to function cpg_get_default_lang_var (thread)
  • Updated Finnish language file (user contribution)
  • Updated default value of transparent_overlay in configuration.htm (thread)
  • Added code that makes sure mb_strlen actually exists when called (thread)
  • Fixed album manager issue when users aren't allowed to create private albums (thread)
  • Fixed lower case user name issue with plugin usergal_alphatabs (thread)
  • Fixed issue where users can edit public albums (thread)
  • HTML validation (thread)
  • Added partial Portuguese language file (user contribution)
  • Added partial Catalan language file (user contribution)
  • Fixed template error if guests are allowed to create public albums
  • Allow admin to change email address (thread)
  • Fixed issue when regular users try to upload to self-created public albums with simple upload form (thread)
  • Fixed missing classid attribute causing videos not to play (thread, thread)
  • Updated regex to fix error message for blank 'allowed file types' values (thread)
  • Fixed setting email sender address
  • Show 'upload needs admin approval' message for flash uploader (thread)
  • Fixed exif issue when auto resizing is enabled and watermarking is disabled (thread, thread)
  • Optimized picture resizing and watermarking procedure
  • Fixed display of unprocessed bbcode markup in ecard display
  • Fixed registration process if both email verification and admin activation enabled (thread)
  • Fixed error message if uploaded file exceeds dimension limit (thread)
  • Fixed session table name in SMF bridge files (thread)
  • Fixed deprecated message on pluginmgr.php (thread)
  • Fixed critical error on memberlist when bridged (thread)
  • Fixed use of mysql_insert_id (thread)
  • Fixed template placeholder bug that caused cut off tags
  • Updated Swedish language file (previous version was mainly a Danish language file)
  • Added partial Swedish documentation
  • Fixed last visit display in user manager when bridged with SMF2 (thread, thread)
  • Fixed implementation of plugin hook 'ip_information' (thread)
  • Use IPTC headline instead of IPTC title as picture title according to docs (thread)
  • Added additional submit button on top of 'Edit files' form (thread)
  • Added plugin hooks 'after_edit_file', 'upload_html_pre_move' and 'upload_swf_pre_move' (thread)
  • If error occurs during batch-add, show error message and don't redirect automatically (thread)
  • Fixed default selection of check boxes for batch-add (thread)
  • Fixed issue with 'User Gallery Alphabetic Tabbing' plugin when bridged (thread)
  • Skip unknown file types during batch-add process (thread)
  • Added label for 'remember me' checkbox (thread)
  • Removed value 'SERVER_PROTOCOL' from client ID generator (thread)
  • Fixed picture resizing via admin tools (thread)
  • Removed declaration of function 'cpg_folder_file_delete' from update.php (thread)
  • Fixed spelling of ImageMagick (thread)
  • Fixed error message when entering invalid email address in profile manager (thread)
  • Fixed renaming of already added files during batch-add (thread)
  • Fixed picture manager - show user created albums in public categories (thread)
  • No longer specify a MySQL engine - use the server default.
  • Fixed comment approval when editing comments (thread)
  • Add anonymous group if it doesn't exist (thread)
  • Fixed ownership of albums created with xp publisher
  • Consistent use of plugin hook types 'action' and 'filter' (thread)
  • Adjusted/added maxlength parameter for album title/keyword according to database types (thread)
  • Display more batch add error messages
  • Fixed use of intermediate-sized image (thread)
  • Theme 'curve': remove drop-down menu leftover if empty (thread)
  • Added plugin hook 'replace_forbidden_conditions' (thread)
  • No error message for admin during upload if image dimension exceeds configuration value (thread)
  • Always use PHP time when querying the database (thread)
  • Added missing/new plugin hooks to visiblehookpoints plugin
  • Fixed potential security issue during installation (thread)
  • Fixed issue with language manager (thread)
2010-11-30
cpg1.5.8
  • Maintenance release (stable)
  • Announcement thread
  • Fixed setting default language with language manager (thread)
  • Changed form token generation - removed trouble maker parameters (thread)
  • Fixed language manager issue for language files with underscore (thread)
  • Set moderator group to '0' for all albums to avoid problems for people who used that feature before it was dropped (thread)
  • Fixed ecard if no intermediate picture is present (thread)
  • Added Estonian language file (user contribution)
  • Update 'last visit' time if it's a 'remember me' session (thread)
  • Added Slovak language file (user contribution)
  • While deleting non-images, delete the corresponding custom thumbnail if exists
  • While renaming non-images, rename the corresponding custom thumbnail if exists
  • While renaming files, check if there will be no conflicts before doing anything
  • Added plugin hook 'token_criteria'
  • Fixed missing CSS class cpg_summary and icon replacement leading to broken output of help boxes on config screen (thread & thread)
  • Fixed possibility for users to edit their files in public galleries if disabled in config (thread)
  • Disable the possibility for guests to enter file details by default (thread)
  • Fixed error message when regular users try to delete their albums in public categories
  • Re-organizing zip archives inside docs folder
  • Adding documentation about plugin config options
  • Fixed issue when reset file ratings (thread)
  • Fixed empty values for 'reason' in 'report to administrator' email (thread)
  • Fixed category view when albums with keywords are present (thread)
  • Changed type of plugin hooks 'theme_thumbnails_wrapper_start/end' from 'filter' to 'action' and adjusted English documentation accordingly (thread)
  • Added search terms to the title of the thumbnails page (thread)
  • Added Japanese language file (user contribution)
  • Adding boxes to config documentation for defaults, max, min, recomended and record name
  • Display Coppermine news always in an iframe (thread)
  • Fixed error message for non existing categories (thread)
  • Replaced wrong link in update.php (thread)
  • Added language table population section to update script to stop cpg1.4.x upgrades seing only Luxemburgish and Mexican as available langauges
  • Updated Turkish language file (user contribution)
  • Show password prompt if user tries to access file in password protected album directly
  • Added Brazilian language file (user contribution)
  • Fixed uploading to password protected albums in public categories (thread)
  • Changed default values for user galleries category (thread)
  • Fixed album visibility issue with user galleries (thread)
  • Changed fix for category alpha sorting
  • Fixed a critical error with the most viewed meta album
  • Updated French language file (improvement and corrections)
  • Allow higher port numbers for the site url config setting
  • Fixed display of swf files in Firefox (thread)
  • Fixed resizing of watermark backup images (thread)
  • Fixed category permissions for secondary user groups (thread)
  • Fixed issue when editing user albums (thread)
  • Fixed issues with usergal_alphatabs plugin (thread & thread)
  • Fixed line breaks in contact form emails
  • Removed outdated FAQ items
  • Updated Hungarian language file (user contribution)
  • Fixed pre-population of user name on comments form (thread)
  • Fixed timeout issue when fetching remote files (thread)
  • Fixed thumb sharpening (thread)
  • Place new comments form accordingly to sort order of comments (thread)
  • Added Danish language file (user contribution)
  • Added default value for 'user_profile6' during user creation (thread)
  • Fixed HTML validation issue for german lang files - replaced & by &
  • Updated plugin manager documentation (thread)
  • Added Hungarian language file (user contribution)
  • Fixed pagination for user manager (thread)
  • Updated Finnish language file (user contribution)
2010-08-06
cpg1.5.7 This package was never released. In fact it never existed. -
cpg1.5.6
  • Maintenance release (stable)
  • Announcement thread
  • Fixed broken link (thread)
  • Extended lang_byte_units array for some language files (thread)
  • Fixed ip address duplicates in stat_details.php (thread)
  • Updated Czech language file (user contribution)
  • Fixed typo that caused the display of the 'not supported version' message box (thread)
  • Fixed issue when uploading plugins to Windows-driven galleries
  • Removed cpg1.3.x theme upgrade guide, as a direct upgrade from cpg1.3.x to cpg1.5.x no longer is supported
  • Create different log entries for user registrations and admin user creations in access log file (thread)
  • Fixed config value for path to ImageMagick when selecting GD during intallation (thread)
  • Fixed query for album moderation group (thread)
  • Fixed display of upload approval button (thread)
2010-06-04
cpg1.5.5 This package was never released. In fact it never existed. -
cpg1.5.4 2010-06-02
cpg1.5.3 2010-03-05
cpg1.5.2
  • Beta release. First public release for testing and evaluation. Do not use for production! No support available yet.
  • Announcement thread
2009-11-16
cpg1.5.1
  • Alpha release for testers and translators. This version is not a public release - it has only been released to a closed group of users for testing and translation purposes.
2009-07-24
cpg1.5.0
  • This version was never released as a package - the version number 1.5.0 was just reserved for the initial development stage of the cpg1.5.x series before the feature freeze stage started. There is no package available, nor has there ever been one - only Subversion checkouts have been possible.
Never

As you can see, the coppermine dev team is constantly fixing and improving coppermine. Every non-trivial piece of software contains bugs, so there is no guarantee that the version that currently is the most recent one will be the final, ultimately bug-free version to be released in the cpg1.5.x series. It is absolutely vital that you perform regular updates as soon as new packages are being released.

Changelog

Details on the changes that went into a release can be found in the changelog that comes with each package. The changelog file can be found in the root directory of the coppermine package. The changelog contains more information on additional languages and the time and date of the fix as well.

The changelog is a plain-text file that can be read using a simple editor - on Windows-driven machines, notepad.exe is fine.

Steps needed to perform when upgrading Coppermine (from any version)

The instructions here apply for all Coppermine udpates/upgrades, so please read them carefully.

To make this absolutely clear:

there is no such thing as a separate upgrade package - coppermine always comes as a complete package that can be used both for a fresh install as well as an upgrade.

Additional actions for updating from particular versions

Depending on the version you're updating from, there are additional actions you need to perform:

Upgrading from version cpg1.0, cpg1.1, cpg1.2.x or cpg1.3.x to cpg1.5.x

Support for a direct upgrade from cpg1.0, cpg1.1, cpg1.2.x or cpg1.3.x to cpg1.5.x has been dropped - if you still have such an ancient version running, you will have to upgrade in a two-step-process (from your version to cpg1.4.x and then on to cpg1.5.x)

Upgrading from cpg1.4.x to version cpg1.5.x

Upgrading from older versions of cpg1.5.x to the most recent version of cpg1.5.x

There are no additional steps to follow when upgrading from an older version of cpg1.5.x to the most recent version of that family. Just performing the basic instructions discussed above in Steps needed to perform when upgrading Coppermine (from any version) will be enough.

The update script

The updater is a script that will update your database and delete leftover files from outdated versions that are no longer used in your version. It can be accessed by clicking on the corresponding link inside the admin menu or by entering the URL into the address bar of your browser.

You can run the updater by entering http://yoursite.tld/your_coppermine_folder/update.php into your browser's address bar.

What it does

The updater performs three things:

Purpose

The updater will perform the database update for you after you manually have replaced the sql file it is using. The updater will not detect for you if there is a new version of coppermine available, nor will it download anything from the coppermine website. The level of automation is not that advanced in coppermine (yet).

To find out about new versions of coppermine or maintenance releases, check the news from coppermine-gallery.net.

Authorization check

In Coppermine versions before cpg1.5.x, the update script used to be publicly accessible, e.g. everybody was able to run it. While this was good for support purposes (supporters were able to run the updater for users looking for help if it was obvious that they had not done so), there was a slight chance that this accessibility for everyone could at some stage be a security risk. That's why the dev team members decided to protect the updater from being run by any visitor who accesses it - starting with cpg1.5x you need to supply admin credentials. This can happen in four different ways:

When must the updater be run?

You need to run the updater every time you upgrade/update, i.e. each time the file sql/update.sql is being replaced with a new version.

It doesn't hurt to run the updater several times in a row, so if you're in doubt, run it again.

The version check tool

Since the release of cpg1.3.2 Coppermine comes with an additional version checking tool to help you resolve issues with upgrades and updates easily. To launch the versioncheck, simply add versioncheck.php to your browser's address bar after being logged into coppermine as admin (example: http://yourdomain.tld/your_coppermine_folder/versioncheck.php). With version 1.5.x, you can run the versioncheck utility from the Admin menu.

The versioncheck tool does not perform an actual update: it does not download newer versions of coppermine for you, nor does it install any fixes - it just is meant to make you aware of newer versions and help you to determine wether you performed an upgrade correctly.

What it does

The script "versioncheck" is meant for two purposes:

This script goes through the files on your webserver and tries to determine if the local file versions on your webserver are the identical to the ones at the repository of http://coppermine-gallery.net. Files that do not match are displayed and are the files you should update as well.

Compared to previous versions, the versioncheck page has been re-designed for cpg1.5.x both in terms of visuals as well as functionality.

First run

When run for the first time, you will see the option screen first. For a start, default options should be OK, so just submit the form. The script will then determine the coppermine version you're currently running, an try to look up the XML file on the coppermine repository that corresponds to your version. If successfull, it will compare all files that exist on your server against the most recent files that are recommended to use (trying to obtain that data from the repository). Subsequently, you should see a list of folders and files that are supposed to exist on your server and an explanation if the file versions you have are the most recent. For details how to interpret the output, read on.

Options

There is a small number of options available on the versioncheck page that should be pretty self-explanatory:

The options screen lets you configure the versioncheck, or rather what is being displayed. The options aren't saved anywhere, so you will have to adjust them each time you run versioncheck. The default options should be OK for most users - only change them if you have good reasons to do so.

Version comparison

There is a lot of information packed into a small space. Here's an example of a possible output and what the output means:

Things that could go wrong using versioncheck

As the actions performed by the versioncheck script are complex, there are several things that can go wrong, depending on your webserver setup:

Versioncheck is being provided as a courtesy to end users. As there are several factors that have an impact on it, it may or may not work on your server setup. If the versioncheck tool does nothing at all, this is probably the case for you - you don't have to be alarmed in this case: just make sure to keep your coppermine install up-to-date, preferably by enabling the config option "Display news from coppermine-gallery.net". Only if individual issues are being reported by the version check tool (i.e. only if some lines contain a remark in the comments column), you should be alarmed and take a closer look.

Wrong expectations

To some this may sound trivial, for others it might be an important piece of information: naturally, files that you have not replaced during the upgrading process (e.g. anycontent.php) will show as outdated in versioncheck's output. This is of course to be expected. It doesn't hurt if you performed the upgrade exactly as suggested, as the files you're supposed to keep during that process don't actually contain code that needs updating. As an example, anycontent.php doesn't actually contain code at all (at least the file that comes with coppermine out of the box). It can contain custom code if you decide to use it. For details on the usage of anycontent.php, refer to the section "Using anycontent.php".

The versioncheck tool doesn't actually download newer file versions from the internet - it just checks the files you have on your server against a list of most recent files. The versioncheck tool doesn't check nor sanitize your site against hacking.

Upgrading FAQ

Downgrading from cpg1.5.x to an older version

CPG1.5.x incorporates many new features (compared to older versions), so we encourage all users to upgrade. However, there may be some who want to test cpg1.5.x and decide later that they want to go back to an older version. You have to keep in mind that a full upgrade changes the overall layout of coppermine's database that includes converting the encoding to unicode. This process can't be reverted: once you have done the conversion, the only way back is to restore a complete mySQL database dump (of course you have to create this backup before you upgraded in the first place). Creating mySQL dumps (backups) is recommended anyway, so you should do so now.

To make this absolutely clear: you can only downgrade if you used to have cpg1.4.x before and upgraded this version to cpg1.5.x. If you have made a fresh install of cpg1.5.x, you can not downgrade at all!

To actually perform the downgrade, replace all cpg1.5.x files on your server with the files from the older version (as if you were doing an upgrade, see above). Then restore your database dump that you must have made before upgrading. If you don't have a database dump (backup), you can't go back!