<?php

// Classes
require_once('lib/helpers.class.php');
require_once('lib/template.class.php');

// Settings
require('conf/config.php');

// Prepare Some Basic Variables
$imagedir = Helpers::end_dir($conf['fs_imagedir']);
$imageurl = Helpers::end_dir($conf['web_imagedir']);

$galleryname = $conf['gallery_name'];

// Prepare Path Traversal Check
$r_basedir=realpath($imagedir);

// Get Parameters or Set Defaults
$page   = $_GET['p'] ?? $conf['defpage'];
$slice  = $_GET['s'] ?? $conf['defslice'];
$gslice = $_GET['gs'] ?? $conf['defslice'];
$dir    = $_GET['d'] ?? $conf['defdir'];
$sort   = $_GET['so'] ?? 1;

// Input Validation and Sanitazion
$page   =  Helpers::validate_int($page, 1, PHP_INT_MAX) ? $page : $conf['defpage'];
$slice  =  Helpers::validate_int($slice, 1, 100) ? $slice : $conf['defslice'];
$gslice =  Helpers::validate_int($gslice, 1, 100) ? $gslice : $conf['defslice'];
$sort   =  Helpers::validate_int($sort, 0, 1) ? $sort : $conf['defslice'];

// Set Some Variables
$host   = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
$proto  = isset($_SERVER['HTTP_X_FORWARDED_PROTO']) ? $_SERVER['HTTP_X_FORWARDED_PROTO'] : $_SERVER['REQUEST_SCHEME'];
$secure = ($proto == 'https');

// Create or Load Session
session_set_cookie_params([ 'lifetime' => 3600, 'path' => '/', 'domain' => $host, 'secure' => $secure, 'httponly' => true, 'samesite' => 'lax' ]);
session_start();

// Filelist Cache Handling
$cdir = $dir;
if (empty($cdir))
  $cdir = '/';

if (isset($_SESSION[$cdir])
    && (time() - $_SESSION[$cdir]['t']) < $conf['flcache'] 
    && !isset($_GET['refcache'])) 
{
  $files = $_SESSION[$cdir]['f'];
  $dirs  = $_SESSION[$cdir]['d'];
} else {
  $r_imagedir = realpath($imagedir.$dir);
  if ($r_imagedir === false || strpos(Helpers::end_dir($r_imagedir), $r_basedir.DIRECTORY_SEPARATOR) !== 0) {
    $data['script'] = $_SERVER['PHP_SELF'];
    $data['errormsg'] = 'A Path Traversal was Detected';
    Template::view('tpl/error.html', $data);
    exit();
  }
  $tmpdirs = glob(Helpers::end_dir($imagedir.$dir).'*' , GLOB_ONLYDIR);
  if (!empty($tmpdirs)) {
    foreach ($tmpdirs as $tmpdir)
      $dirs[] = basename($tmpdir);
    $rmdirs = $dirs;
  }
  $rmdirs[] = '.';
  $rmdirs[] = '..';
  $files = array_diff(scandir($imagedir.$dir, SCANDIR_SORT_DESCENDING), $rmdirs);
  // Filter Unsupported Files
  $files = array_values(preg_grep('/.*\.(?!(db|sh)).*/i', $files));
  $_SESSION[$cdir]['f'] = isset($files) ? $files : null;
  $_SESSION[$cdir]['d'] = isset($dirs) ? $dirs : null;
  $_SESSION[$cdir]['t'] = time();
}

// Apply Filters to Filelist
$filter='';
if (isset($_GET['f'])) {
  if ($_GET['f'] != '') {
    if (Helpers::validate_search($_GET['f'])) {
      $tr = array('(' => '\(', ')' => '\)');
      $f = strtr($_GET['f'], $tr);
      if (!empty($files))
        $files = array_values(preg_grep('/.*'.$f.'.*/i', $files));
      if (!empty($dirs))
        $dirs = array_values(preg_grep('/.*'.$f.'.*/i', $dirs));
      $filter='&f='.$_GET['f'];
    } else {
      $data['script'] = $_SERVER['PHP_SELF'];
      $data['errormsg'] = 'An Invalid Search String was detected';
      Template::view('tpl/error.html', $data);
      exit();
    }
  }
}


// Sort and Reverse Filelist
natcasesort($files);
if ($sort == 1) {
  $files = array_reverse($files);
} else {
  $files = array_values($files);
}

if (!empty($dirs))
  $files = array_merge($dirs, $files);

// Get Files for current Page
$curfiles = array_slice($files, ($page-1)*$slice ,$slice, true);

if (!empty($curfiles)| !empty($dirs)) {
  // Prepare Generic Data for Template
  $data['galleryname'] = $galleryname;
  $data['startpage'] = $_SERVER['PHP_SELF'];
  $data['dir'] = $dir;
  $data['sort'] = $sort;
  $data['slice'] = $slice;
  $data['filter'] = $filter;
  $data['pretty_filter'] = substr($filter,3);
  $data['page'] = $page;
  $data['prev_page'] = $page - 1;
  if ($data['prev_page'] < 1)
    $data['prev_page'] = 1;
  $data['next_page'] = $page + 1;
  if ($data['next_page'] > ceil(count($files)/$slice))
    $data['next_page'] = $page;
  $data['last_page'] = ceil(count($files)/$slice);

  // Prepare Mode Specific Data and Render Template
  if ($slice > 1) {
    if (!empty($curfiles)) {
      foreach ($curfiles as $index => $image) {
        if (!empty($dirs) && in_array($image, $dirs)) {
          $data['dirs'][] = $image;
        } else {
          $tmp['n'] = $image;
          $tmp['i'] = $index+1;
          $tmp['t'] = 'thumb.php?d='.Helpers::end_dir($imagedir.$dir).'&i='.$image;
          $data['images'][] = $tmp;
        }
      }
      if (!empty($dir)) {
        $tmpdirs = array_filter(explode(DIRECTORY_SEPARATOR, $dir));
        $tmppath = '';
        foreach($tmpdirs as $tmpdir) {
          $tmppath=$tmppath.DIRECTORY_SEPARATOR.$tmpdir;
          $data['crumbs'][$tmpdir] = $tmppath;
        }
      }
    }    
    Template::view('tpl/gallery.html', $data);
  } else {
    $data['gallery_page'] = ceil($page/$gslice);
    $data['gallery_slice'] = $gslice;
    foreach ($curfiles as $index => $image) {
      $data['imageurl'] = str_replace("'", "&#39;", $imageurl.$dir.'/'.$image);
      $data['imagename'] = $image;
      $data['filetype'] = mime_content_type(Helpers::end_dir($imagedir.$dir).$image);
      $data['tags'] = array_filter(explode(" ", pathinfo(trim(strstr(strtolower($image), ' - '), " -"))['filename']));
    }
    Template::view('tpl/single.html', $data);
  }
} else {
  $data['filter'] = substr($filter,3);
  $data['script'] = $_SERVER['PHP_SELF'];
  Template::view('tpl/notfound.html', $data);
}
  
?>