projects
/
bizou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
9242908
)
fixes in varables names...
author
Marc MAURICE
<dooblempub@positon.org>
Thu, 7 Oct 2010 22:43:28 +0000
(
00:43
+0200)
committer
Marc MAURICE
<dooblempub@positon.org>
Thu, 7 Oct 2010 22:43:28 +0000
(
00:43
+0200)
view.php
patch
|
blob
|
history
diff --git
a/view.php
b/view.php
index
1b38962
..
99e7f9c
100644
(file)
--- a/
view.php
+++ b/
view.php
@@
-1,15
+1,16
@@
<?php
<?php
-$quickPath = isset($_SERVER["PATH_INFO"])?$_SERVER["PATH_INFO"]:"";
-$scriptPath = $_SERVER["SCRIPT_NAME"];
+$shortPath = $_SERVER["PATH_INFO"];
+if ($shortPath == '/') $shortPath = '';
+// extra security check to avoid /photos/index/../.. like urls, maybe useless but..
+if (strpos($shortPath, '..') !== false) die(".. found in url");
-$quickDir = dirname($quickPath);
-$realDir = "images$quickDir";
+$scriptPath = $_SERVER["SCRIPT_NAME"];
// get all images in an array
$images = array();
// get all images in an array
$images = array();
-$files = scandir($realDir);
+$files = scandir("images".dirname($shortPath));
foreach ($files as $file) {
$ext = strtolower(substr($file, -4));
if ($ext == ".jpg" or $ext == ".png")
foreach ($files as $file) {
$ext = strtolower(substr($file, -4));
if ($ext == ".jpg" or $ext == ".png")
@@
-17,7
+18,7
@@
foreach ($files as $file) {
}
// find the image position
}
// find the image position
-$pos = array_search(basename($quickPath), $images);
+$pos = array_search(basename($shortPath), $images);
if ($pos === false) die("Image not found");
// get prev and next images
if ($pos === false) die("Image not found");
// get prev and next images
@@
-28,19
+29,20
@@
if ($pos > 0)
if ($pos < sizeof($images))
$nextImage = $images[$pos+1];
if ($pos < sizeof($images))
$nextImage = $images[$pos+1];
-$imageUrl = dirname($scriptPath)."/images$quickPath";
+// template variables
+$imageUrl = dirname($scriptPath)."/images$shortPath";
if ($nextImage === '') {
$nextImageUrl = '';
$nextPageUrl = '';
} else {
if ($nextImage === '') {
$nextImageUrl = '';
$nextPageUrl = '';
} else {
- $nextImageUrl = dirname($scriptPath)."/images".dirname($quickPath)."/$nextImage";
+ $nextImageUrl = dirname($scriptPath)."/images".dirname($shortPath)."/$nextImage";
$nextPageUrl = dirname($_SERVER["REQUEST_URI"])."/$nextImage";
}
if ($prevImage === '') $prevPageUrl = '';
else $prevPageUrl = dirname($_SERVER["REQUEST_URI"])."/$prevImage";
$nextPageUrl = dirname($_SERVER["REQUEST_URI"])."/$nextImage";
}
if ($prevImage === '') $prevPageUrl = '';
else $prevPageUrl = dirname($_SERVER["REQUEST_URI"])."/$prevImage";
-$directoryUrl = dirname($_SERVER["SCRIPT_NAME"])."/index".dirname($quickPath);
+$directoryUrl = dirname($_SERVER["SCRIPT_NAME"])."/index".dirname($shortPath);
header('Content-Type: text/html; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
header('Content-Type: text/html; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
@@
-112,7
+114,7
@@
img {
<?php if ($prevPageUrl !== '') { ?>
<div id="previous">
<?php if ($prevPageUrl !== '') { ?>
<div id="previous">
-<a href="<?php echo $nextPageUrl ?>" title="Previous image"><</a>
+<a href="<?php echo $prevPageUrl ?>" title="Previous image"><</a>
</div>
<?php } ?>
</div>
<?php } ?>