TWG version 1.8.8 Here you find a small history of small bugfixes where I don't release a new release. If you want to update I recommend to overwrite all files except your settings in my_config.php, my_style.css and admin/_config/.htusers.php and your pictures dir of course. Check the history for a full list of changes: http://www.tinywebgallery.com/history.htm If you need an urgent fix of something - There is always a way to speed things up ;) 1.8.x: Added $cache_clean_thumbs. If set to true thumbnails are also cleaned up at the cache cleanup. 1.8.8 New: Bookmarkable/reloadable urls are now available even with ajax and flash navigation. The image number is now added to the url with a hash. See http://blog.mgm-tp.com/2011/10/must-know-url-hashtechniques-for-ajax-applications/ New: Request and size optimization. Please see <blog to come> for details! Up to 42% less requests! 55% less bytes to transfer. Page speed score enhanced from 49/100 to 95/100! New: css files moved to the css folder and minimized New: css files are now combined into one and stored in the cache folder. New: Album tree uses now sprites -> 15 images less are used New: optimized .htaccess file for caching and zip of resources. New: Added some container on the topx page to allow better styling. New: improved mobile support. New: TFU updated from version 2.15 to 2.16 New: New icon for the private folders. If you like the old style -> the old image is still in the buttons folder. The image is from http://pixel-mixer.com/. Thanks for providing this for free even for commercial. Another backlink is also on the credits page of TWG! New: Support for the alphacanel of 24 bit private.png New: Support for the alphacanel of 24 bit watermarks - they look way better now ;). Security Fix: At the i_optionen.php all parameters where checked but after a detection of an XXS attack the script was not stopped like in the index.php. I have added this there too and now the Attacker gets a message displayed. Security Fix: If you are logged in in the administration you could submit forms/requests that where the input was not checked. Now it is done like in the gallery itself. This is a minor issue because if you have access to the TWG administration you can use the TWGExplorer to do anything anyway... Security Fix: All forms (site and administration) are now protected against CSRF attacks: See http://en.wikipedia.org/wiki/Cross-site_request_forgery Fix: Fixed the reading of external images when the listing is not allowed but a external file is used. Fix: Fixed the reading of GPS data. Is now tested with IPhone and Samsung Galaxy S2 images as well. Fix: Error message when size in cache could not be determind fixed. Fix: Encoding of special chars when entering foldername.txt and folder.txt in the front end was done too often. Now is is displayed fine. Fix: Whole album path was shown as default for the foldername.txt. Now only the current directory is shown. Fix: On the thumbnail page the pager was hidden. Now it is shown fine again. Fix: On the thumbnail page with folders too many thumbs where shown. There is no optimal solution because the number of thumbs differ then from page to page. So I choose the solution which shown the most images. Fix: Special chars where not displayed properly in the title bar of the browser on the thumbnail page. now they are utf8 encoded. Fix: xml and counter folder should be protected by a .htaccess file that should be created. I forgot to put a file in the biuld so that this was not done. Now the folders are protected by default. But I still recommend to use the .htaccess file in the main folde because it does also enable caching and compression. Fix: buttons.png had some transparent spots which where not nice on dark backgrounds.