I put version 3.21 of gallery up this evening. People kept sending me e-mail that indicated they were running this on a public web account; I don’t think it makes much sense to do this as the original files just eat up your allotted web space, I guess they must have accounts that let them keep gigs of files on their server.

Anyway, I realized when responding to an e-mail that the database settings were stored in a ".inc" file instead of a ".php" file. This is not a real problem if you’re just running gallery locally, but if you have it up on a web server with no security it is a very bad thing. Anyone running gallery on a publicly accessible web server should have had some basic security on their gallery directory anyway so hopefully this isn’t an issue to very many people, but it’s better to have it fixed.

This post is part of the project: Photos. View the project timeline for more context on this post.