<?php
+/*
+ Bizou - a (french) KISS php image gallery
+ Copyright (C) 2010 Marc MAURICE
-define('THUMB_SIZE', 100);
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+require 'config.php';
function getPreview($imgFile, $maxSize = THUMB_SIZE)
{
# example: data/myalbum/100.mypic.jpg
- $newImgFile = "data/".dirname($imgFile)."/".$maxSize.".".basename($imgFile);
+ $newImgFile = DATA_DIR."/".dirname($imgFile)."/".$maxSize.".".basename($imgFile);
if (! is_file($newImgFile))
{
- $img = imagecreatefromjpeg($imgFile);
+ $ext = strtolower(substr($imgFile, -4));
+ if ($ext == ".jpg")
+ $img = imagecreatefromjpeg($imgFile);
+ else
+ $img = imagecreatefrompng($imgFile);
$w = imagesx($img);
$h = imagesy($img);
imagecopyresampled($newImg, $img, 0, 0, 0, 0, $newW, $newH, $w, $h);
- imagejpeg($newImg, $newImgFile);
+ if ($ext == ".jpg")
+ imagejpeg($newImg, $newImgFile);
+ else
+ imagepng($newImg, $newImgFile);
imagedestroy($img);
imagedestroy($newImg);
function getAlbumPreview($dir)
{
foreach (scandir($dir) as $file) if ($file != '.' and $file != '..') {
- if (strtolower(substr($file, -4)) == ".jpg")
+ $ext = strtolower(substr($file, -4));
+ if ($ext == ".jpg" or $ext == ".png")
return getPreview("$dir/$file");
}
return '';
}
-$scriptUrlPath = substr($_SERVER["SCRIPT_NAME"], 0, -4); // trim .php
+$scriptUrlPath = $_SERVER["SCRIPT_NAME"];
-// if url == http://localhost/photos/index/toto/titi, path_info == /toto/titi
-// if url == http://localhost/photos/index, path_info is not set
+// if url == http://localhost/photos/index.php/toto/titi, path_info == /toto/titi
+// if url == http://localhost/photos/index.php, path_info is not set
// if url == http://localhost/photos/, path_info is not set
-// if path_info is not set, we are at top level, so we redirect to /photos/index/
+// if path_info is not set, we are at top level, so we redirect to /photos/index.php/
if (! isset($_SERVER["PATH_INFO"])) {
header("Location: $scriptUrlPath/");
exit();
}
+# shortPath is the simple path to the image
+# /index.php/toto/titi => shortPath == /toto/titi
$shortPath = $_SERVER["PATH_INFO"];
if ($shortPath == '/') $shortPath = '';
+// extra security check to avoid /photos/index/../.. like urls, maybe useless but..
+if (strpos($shortPath, '..') !== false) die(".. found in url");
$folders = array();
$imageFiles = array();
$otherFiles = array();
-$realDir = "images$shortPath";
+# realDir is the directory in filesystem
+# seen from current script directory
+$realDir = IMAGES_DIR.$shortPath;
+
+if (! is_dir($realDir)) {
+ header("HTTP/1.1 404 Not Found");
+ die("Directory Not Found");
+}
foreach (scandir($realDir) as $file) if ($file != '.' and $file != '..')
{
else
{
$ext = strtolower(substr($file, -4));
- if ($ext == ".jpg")
- $imageFiles[] = array( "name" => $file, "url" => getPreview("$realDir/$file"), "link" => dirname($scriptUrlPath)."/view/$shortPath/$file" );
- else
+ if ($ext == ".jpg" or $ext == ".png") {
+ $link = dirname($scriptUrlPath)."/$realDir/$file";
+
+ $imageFiles[] = array( "name" => $file, "url" => getPreview("$realDir/$file"), "link" => $link );
+
+ } else {
$otherFiles[] = array( "name" => $file, "link" => dirname($scriptUrlPath)."/$realDir/$file" );
+ }
}
}