projects / bizou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
functions put in a separate file, so that they can be used by plugins
[bizou.git] / plugins / viewer / view.php
diff --git a/plugins/viewer/view.php b/plugins/viewer/view.php
index a1af936..2af21b1 100644 (file)
--- a/plugins/viewer/view.php
+++ b/plugins/viewer/view.php
@@ -19,12 +19,10 @@
 
 $bizouRootFromHere = '../..';
 require "$bizouRootFromHere/config.php";
+require "$bizouRootFromHere/functions.php";
 
-$simpleImagePath = $_SERVER["PATH_INFO"];
-if ($simpleImagePath == '/') $simpleImagePath = '';
-// extra security check to avoid /photos/index/../.. like urls, maybe useless but..
-if (strpos($simpleImagePath, '..') !== false) die(".. found in url");
-
+// extract /path/to/image.jpg from /view.php/path/to/image.jpg
+$simpleImagePath = getPathInfo();
 
 if (! is_file("$bizouRootFromHere/".IMAGES_DIR.$simpleImagePath)) {
        header("HTTP/1.1 404 Not Found");
Unnamed repository; edit this file 'description' to name the repository.