vsgallery/thumb.php

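<?php
// Thumbnail endpoint: checks the requested directory (?d=) and image (?i=)
// against the configured image base directory, then streams the thumbnail
// returned by the Thumb handler as a JPEG.

// Load Helper Classes
require_once('lib/helpers.class.php');
require_once('lib/template.class.php');
require_once('lib/thumbs.class.php');
// Settings
require('conf/config.php');

// Render the error template with the given message and stop the request.
$fail = static function ($message) {
    $data = [];
    // SCRIPT_NAME rather than PHP_SELF: PHP_SELF also carries any trailing
    // path info supplied by the client, and whether tpl/error.html escapes
    // this value is not visible from this file.
    $data['script'] = $_SERVER['SCRIPT_NAME'];
    $data['errormsg'] = $message;
    Template::view('tpl/error.html', $data);
    exit();
};

// Prepare Some Basic Variables
$thumbdir = Helpers::end_dir($conf['fs_thumbdir']);
$imagedir = Helpers::end_dir($conf['fs_imagedir']);

// Prepare Path Traversal Check
$r_basedir = realpath($imagedir);
if ($r_basedir === false) {
    // Fail closed. If the base directory cannot be resolved, the prefix built
    // below would be false . DIRECTORY_SEPARATOR, i.e. a bare separator, and
    // on POSIX systems every absolute path starts with that, so the
    // containment test would accept any directory.
    $fail('The image directory is not available');
}

// Both parameters must be plain strings without NUL bytes; ?d[]=x arrives as
// an array and a missing parameter as null, neither of which is a path.
$dir = isset($_GET['d']) ? $_GET['d'] : null;
$img = isset($_GET['i']) ? $_GET['i'] : null;
if (!is_string($dir) || !is_string($img)
    || strpos($dir, "\0") !== false || strpos($img, "\0") !== false) {
    $fail('Missing or invalid image request');
}

// The requested directory must resolve to a location inside the image base.
$r_imagedir = realpath($dir);
if ($r_imagedir === false
    || strpos(Helpers::end_dir($r_imagedir), $r_basedir . DIRECTORY_SEPARATOR) !== 0) {
    $fail('A Path Traversal was Detected');
}

// The image name gets the same containment test as the directory: it must
// resolve to an existing file inside the directory that was just validated,
// so a name such as "../x" cannot step back out of it.
// NOTE(review): assumes Thumb resolves $img relative to the directory it is
// constructed with; confirm in lib/thumbs.class.php.
$r_image = realpath($r_imagedir . DIRECTORY_SEPARATOR . $img);
$r_dirprefix = rtrim($r_imagedir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
if ($r_image === false || !is_file($r_image) || strpos($r_image, $r_dirprefix) !== 0) {
    $fail('A Path Traversal was Detected');
}

// Initialize Thumbnail Handler
$t = new Thumb(Helpers::end_dir($dir), $thumbdir, 200, 200);
$thumbfile = $t->get_thumb($img);

// NOTE(review): presumably get_thumb() returns the filesystem path of the
// thumbnail; anything that is not an existing file is reported as an error
// instead of being handed to readfile() after the image header was sent.
if (!is_string($thumbfile) || !is_file($thumbfile)) {
    $fail('The thumbnail could not be created');
}

header('Content-Type: image/jpeg');
// The content type is fixed, so tell browsers not to second-guess it.
header('X-Content-Type-Options: nosniff');
readfile($thumbfile);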