vsgallery/index.php

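<?php
// Gallery front controller. Lists one directory below the configured image
// root as a paged thumbnail gallery (slice > 1) or renders a single image
// (slice == 1). Every $_GET value is untrusted: it is validated before it
// reaches the filesystem, a regular expression or any arithmetic.

// Classes
require_once('lib/helpers.class.php');
require_once('lib/thumbs.class.php');
require_once('lib/template.class.php');

// Settings
require('conf/config.php');

// Prepare Some Basic Variables
$imagedir = Helpers::end_dir($conf['fs_imagedir']);
$thumbdir = Helpers::end_dir($conf['fs_thumbdir']);
$imageurl = Helpers::end_dir($conf['web_imagedir']);
$thumburl = Helpers::end_dir($conf['web_thumbdir']);
$galleryname = $conf['gallery_name'];

// Prepare Path Traversal Check
$r_basedir = realpath($imagedir);

// Get Parameters or Set Defaults
// Paging values must be integers >= 1: they are used as multiplier, divisor
// and array_slice() length below, so 0, negative numbers, non-numeric strings
// or arrays (?p[]=x) would otherwise end in a fatal error.
$positive = ['options' => ['min_range' => 1]];
$page = filter_var($_GET['p'] ?? $conf['defpage'], FILTER_VALIDATE_INT, $positive);
if ($page === false) {
    $page = max(1, (int) $conf['defpage']);
}
$slice = filter_var($_GET['s'] ?? $conf['defslice'], FILTER_VALIDATE_INT, $positive);
if ($slice === false) {
    $slice = max(1, (int) $conf['defslice']);
}
$gslice = filter_var($_GET['gs'] ?? $conf['defslice'], FILTER_VALIDATE_INT, $positive);
if ($gslice === false) {
    $gslice = max(1, (int) $conf['defslice']);
}
$dir = $_GET['d'] ?? $conf['defdir'];
if (!is_string($dir)) {
    $dir = (string) $conf['defdir'];
}

// Create or Load Session
session_start();

// Path Traversal Check
// Runs on every request and before anything else touches $imagedir.$dir, so
// neither the thumbnail handler nor a cached listing is used for a directory
// that does not resolve below the image root. It fails closed when the image
// root itself cannot be resolved: realpath() returning false would otherwise
// turn the expected prefix into a bare separator that every absolute path
// starts with.
// NOTE(review): assumes Helpers::end_dir() appends a trailing separator - confirm.
$r_imagedir = (strpos($dir, "\0") === false) ? realpath($imagedir.$dir) : false;
if ($r_basedir === false
    || $r_imagedir === false
    || strpos(Helpers::end_dir($r_imagedir), $r_basedir.DIRECTORY_SEPARATOR) !== 0
) {
    // A non-200 status makes rejected requests stand out in the access log.
    http_response_code(400);
    print "Path Traversal Detected!";
    exit();
}

// Initialize Thumbnail Handler
$t = new Thumb(Helpers::end_dir($imagedir.$dir), $thumbdir, 200, 200);

// Filelist Cache Handling
// The listing is cached per directory in the visitor's session for
// $conf['flcache'] seconds; ?refcache forces a fresh scan.
$cdir = $dir;
if (empty($cdir)) {
    $cdir = '/';
}
$cache_valid = isset($_SESSION[$cdir])
    && (time() - $_SESSION[$cdir]['t']) < $conf['flcache']
    && !isset($_GET['refcache']);
if ($cache_valid) {
    $files = $_SESSION[$cdir]['f'];
    $dirs = $_SESSION[$cdir]['d'] ?? [];
} else {
    $dirs = [];
    $tmpdirs = glob(Helpers::end_dir($imagedir.$dir).'*', GLOB_ONLYDIR);
    if (!empty($tmpdirs)) {
        foreach ($tmpdirs as $tmpdir) {
            $dirs[] = basename($tmpdir);
        }
    }
    // Sub-directories and the dot entries are removed from the file list.
    $rmdirs = $dirs;
    $rmdirs[] = '.';
    $rmdirs[] = '..';
    // $dir may resolve to a regular file or an unreadable directory; treat
    // that as an empty listing instead of passing false to array_diff().
    $listing = is_dir($r_imagedir) ? scandir($imagedir.$dir, SCANDIR_SORT_DESCENDING) : false;
    if ($listing === false) {
        $listing = [];
    }
    $files = array_diff($listing, $rmdirs);
    // Filter Unsupported Files
    // Anchored on the last extension so that multi-dot names such as
    // "a.b.webm" are excluded as well; names without any dot are dropped.
    $files = array_values(preg_grep('/\.(?!(?:webm|sh)$)[^.]*$/i', $files));
    $_SESSION[$cdir]['f'] = $files;
    $_SESSION[$cdir]['d'] = $dirs;
    $_SESSION[$cdir]['t'] = time();
}

// Apply Filters to Filelist
$filter = '';
$f = $_GET['f'] ?? '';
if (is_string($f) && $f != '') {
    // The filter is matched as a literal, case-insensitive substring.
    // preg_quote() escapes every metacharacter and the "/" delimiter, so
    // request data cannot alter the pattern or make preg_grep() fail.
    $pattern = '/'.preg_quote($f, '/').'/i';
    if (!empty($files)) {
        $files = array_values(preg_grep($pattern, $files));
    }
    if (!empty($dirs)) {
        $dirs = array_values(preg_grep($pattern, $dirs));
    }
    // NOTE(review): the raw filter text is handed to the templates as a query
    // string fragment; confirm Template escapes it for the HTML/URL context.
    $filter = '&f='.$f;
}

// Sort and Reverse Filelist
natcasesort($files);
$files = array_reverse($files);
if (!empty($dirs)) {
    $files = array_merge($dirs, $files);
}

// Get Files for current Page
$curfiles = array_slice($files, ($page - 1) * $slice, $slice, true);
$data = [];
if (!empty($curfiles) || !empty($dirs)) {
    // Prepare Generic Data for Template
    $last_page = ceil(count($files) / $slice);
    $data['galleryname'] = $galleryname;
    // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also carries any PATH_INFO
    // the client appended to the URL.
    $data['startpage'] = $_SERVER['SCRIPT_NAME'];
    $data['dir'] = $dir;
    $data['slice'] = $slice;
    $data['filter'] = $filter;
    $data['page'] = $page;
    $data['prev_page'] = max(1, $page - 1);
    $data['next_page'] = ($page + 1 > $last_page) ? $page : $page + 1;
    $data['last_page'] = $last_page;

    // Prepare Mode Specific Data and Render Template
    if ($slice > 1) {
        if (!empty($curfiles)) {
            foreach ($curfiles as $index => $image) {
                // Strict comparison: loosely compared numeric-looking names
                // ("1" and "1.0") would be treated as the same entry.
                if (!empty($dirs) && in_array($image, $dirs, true)) {
                    $data['dirs'][] = $image;
                } else {
                    $tmp['n'] = $image;
                    $tmp['i'] = $index + 1;
                    $tmp['t'] = $thumburl.$t->get_thumb($image);
                    $data['images'][] = $tmp;
                }
            }
            // Breadcrumbs: one entry per path component of $dir, each mapped
            // to the cumulative path leading to it.
            if (!empty($dir)) {
                $tmpdirs = array_filter(explode(DIRECTORY_SEPARATOR, $dir));
                $tmppath = '';
                foreach ($tmpdirs as $tmpdir) {
                    $tmppath = $tmppath.DIRECTORY_SEPARATOR.$tmpdir;
                    $data['crumbs'][$tmpdir] = $tmppath;
                }
            }
        }
        Template::view('tpl/gallery.html', $data);
    } else {
        $data['gallery_page'] = ceil($page / $gslice);
        $data['gallery_slice'] = $gslice;
        foreach ($curfiles as $index => $image) {
            $data['imageurl'] = $imageurl.$dir.'/'.$image;
            $data['imagename'] = $image;
            // Tags are the space-separated words that follow the first
            // " - " in the lower-cased file name, without the extension.
            $tagpart = trim(strstr(strtolower($image), ' - '), " -");
            $data['tags'] = explode(" ", pathinfo($tagpart)['filename']);
        }
        Template::view('tpl/single.html', $data);
    }
} else {
    // Strip the leading "&f=" so the template receives the bare filter text.
    $data['filter'] = substr($filter, 3);
    $data['script'] = $_SERVER['SCRIPT_NAME'];
    Template::view('tpl/notfound.html', $data);
}
?>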