@@ -122,6 +122,8 @@ function readEXIF($file) {
122122 if (count ($ exif_arr0 ) {
123123 return ":: " . implode (" | " , $ exif_arr
124124 }
125+
126+ return $ exif_arr
125127}
126128
127129function checkpermissions ($ file
@@ -136,16 +138,11 @@ function checkpermissions($file) {
136138}
137139
138140function guardAgainstDirectoryTraversal ($ path
139- /*
140- * I don't like regexes but this matches
141- * any attemp of directory traversal I could think of
142- * without forbidding « .. » in directory names.
143- */
144141 $ pattern"/^(.*\/)?(\.\.)(\/.*)?$/ " ;
145- $ directoryTraversal preg_match ($ pattern$ path
142+ $ directory_traversal preg_match ($ pattern$ path
146143
147- if ($ directoryTraversal 1 ) {
148- die ("ERROR: Could not open " . htmlspecialchars (stripslashes ($ currentdir " for reading! " );
144+ if ($ directory_traversal 1 ) {
145+ die ("ERROR: Could not open " . htmlspecialchars (stripslashes ($ current_dir " for reading! " );
149146 }
150147}
151148
@@ -158,21 +155,21 @@ function guardAgainstDirectoryTraversal($path) {
158155 $ requestedDir$ _GET 'dir ' ];
159156}
160157
161- $ photoRoot GALLERY_ROOT . 'photos/ ' ;
158+ $ photo_root GALLERY_ROOT . 'photos/ ' ;
162159$ thumbdirrtrim ('photos/ ' . $ requestedDir'/ ' );
163- $ currentdir GALLERY_ROOT . $ thumbdir
160+ $ current_dir GALLERY_ROOT . $ thumbdir
164161
165- guardAgainstDirectoryTraversal ($ currentdir
162+ guardAgainstDirectoryTraversal ($ current_dir
166163
167164//-----------------------
168165// READ FILES AND FOLDERS
169166//-----------------------
170167$ filesarray ();
171168$ dirsarray ();
172169$ img_captionsarray ();
173- if (is_dir ($ currentdir $ handleopendir ($ currentdir
170+ if (is_dir ($ current_dir $ handleopendir ($ current_dir
174171 // 1. LOAD CAPTIONS
175- $ caption_filename"$ currentdir /captions.txt " ;
172+ $ caption_filename"$ current_dir /captions.txt " ;
176173 if (is_readable ($ caption_filename
177174 $ caption_handlefopen ($ caption_filename"rb " );
178175 while (!feof ($ caption_handle
@@ -186,13 +183,13 @@ function guardAgainstDirectoryTraversal($path) {
186183 fclose ($ caption_handle
187184 }
188185
189- while (false !== ($ filereaddir ($ handlein_array ($ file$ SkipObjects
186+ while (false !== ($ filereaddir ($ handlein_array ($ file$ skip_objects
190187 // 2. LOAD FOLDERS
191- if (is_dir ($ currentdir "/ " . $ file
188+ if (is_dir ($ current_dir "/ " . $ file
192189 if ($ file". " && $ file".. " ) {
193- checkpermissions ($ currentdir "/ " . $ file// Check for correct file permission
190+ checkpermissions ($ current_dir "/ " . $ file// Check for correct file permission
194191 // Set thumbnail to folder.jpg if found:
195- if (file_exists ($ currentdir '/ ' . $ file'/folder.jpg ' )) {
192+ if (file_exists ($ current_dir '/ ' . $ file'/folder.jpg ' )) {
196193 $ linkParamshttp_build_query (
197194 array ('dir ' => ltrim ("$ requestedDir/ $ file , '/ ' )),
198195 '' ,
@@ -202,7 +199,7 @@ function guardAgainstDirectoryTraversal($path) {
202199
203200 $ imgParamshttp_build_query (
204201 array (
205- 'filename ' => "$ currentdir / $ file/folder.jpg " ,
202+ 'filename ' => "$ current_dir / $ file/folder.jpg " ,
206203 'size ' => $ thumb_size
207204 ),
208205 '' ,
@@ -212,13 +209,13 @@ function guardAgainstDirectoryTraversal($path) {
212209
213210 $ dirsarray (
214211 "name " => $ file
215- "date " => filemtime ($ currentdir "/ " . $ file"/folder.jpg " ),
212+ "date " => filemtime ($ current_dir "/ " . $ file"/folder.jpg " ),
216213 "html " => "<li><a href= \"{$ linkUrl><em> " . padstring ($ file$ label_max_length"</em><span></span><img src= \"{$ imgUrl alt= \"$ label_loading /></a></li> " ,
217214 );
218215 } else {
219216 // Set thumbnail to first image found (if any):
220217 unset($ firstimage
221- $ firstimagegetfirstImage ("$ currentdir / " . $ file
218+ $ firstimagegetfirstImage ("$ current_dir / " . $ file
222219
223220 if ($ firstimage"" ) {
224221 $ linkParamshttp_build_query (
@@ -240,7 +237,7 @@ function guardAgainstDirectoryTraversal($path) {
240237
241238 $ dirsarray (
242239 "name " => $ file
243- "date " => filemtime ($ currentdir "/ " . $ file
240+ "date " => filemtime ($ current_dir "/ " . $ file
244241 "html " => "<li><a href= \"{$ linkUrl><em> " . padstring ($ file$ label_max_length"</em><span></span><img src= \"{$ imgUrl alt=' $ label_loading' /></a></li> " ,
245242 );
246243 } else {
@@ -255,7 +252,7 @@ function guardAgainstDirectoryTraversal($path) {
255252
256253 $ dirsarray (
257254 "name " => $ file
258- "date " => filemtime ($ currentdir "/ " . $ file
255+ "date " => filemtime ($ current_dir "/ " . $ file
259256 "html " => "<li><a href= \"{$ linkUrl><em> " . padstring ($ file$ label_max_length"</em><span></span><img src= \"{$ imgUrl width=' $ thumb_size' height=' $ thumb_size' alt=' $ label_loading' /></a></li> " ,
260257 );
261258 }
@@ -276,7 +273,7 @@ function guardAgainstDirectoryTraversal($path) {
276273 //Read EXIF
277274 if (!array_key_exists ($ file$ img_captions
278275 if ($ display_exif1 ) {
279- $ exifReadenreadEXIF ($ currentdir "/ " . $ file
276+ $ exifReadenreadEXIF ($ current_dir "/ " . $ file
280277 //Add to the caption all the EXIF information
281278 $ img_captions$ file$ file$ exifReaden
282279 } else {
@@ -288,13 +285,13 @@ function guardAgainstDirectoryTraversal($path) {
288285 // Format: title::caption
289286 // Example: My cat::My cat like to <i>roll</i> on the floor.
290287 // If file is not provided, image filename will be used instead.
291- checkpermissions ($ currentdir "/ " . $ file
288+ checkpermissions ($ current_dir "/ " . $ file
292289
293- if (is_file ($ currentdir '/ ' . $ file'.html ' )) {
294- $ img_captions$ file$ file':: ' . htmlspecialchars (file_get_contents ($ currentdir '/ ' . $ file'.html ' ), ENT_QUOTES );
290+ if (is_file ($ current_dir '/ ' . $ file'.html ' )) {
291+ $ img_captions$ file$ file':: ' . htmlspecialchars (file_get_contents ($ current_dir '/ ' . $ file'.html ' ), ENT_QUOTES );
295292 }
296293
297- $ linkUrlstr_replace ('%2F ' , '/ ' , rawurlencode ("$ currentdir / $ file ));
294+ $ linkUrlstr_replace ('%2F ' , '/ ' , rawurlencode ("$ current_dir / $ file ));
298295 $ imgParamshttp_build_query (
299296 array ('filename ' => "$ thumbdir/ $ file , 'size ' => $ thumb_size
300297 '' ,
@@ -308,8 +305,8 @@ function guardAgainstDirectoryTraversal($path) {
308305
309306 $ filesarray (
310307 "name " => $ file
311- "date " => filemtime ($ currentdir "/ " . $ file
312- "size " => filesize ($ currentdir "/ " . $ file
308+ "date " => filemtime ($ current_dir "/ " . $ file
309+ "size " => filesize ($ current_dir "/ " . $ file
313310 "html " => "<li><a href= \"{$ linkUrl rel='lightbox[billeder]' title= \"" . htmlentities ($ img_captions$ file"\"><img $ imgopts alt=' $ label_loading' /></a> " . $ filename_caption"</li> " );
314311 }
315312 // Other filetypes
@@ -358,15 +355,15 @@ function guardAgainstDirectoryTraversal($path) {
358355 if ($ extension"" ) {
359356 $ filesarray (
360357 "name " => $ file
361- "date " => filemtime ($ currentdir "/ " . $ file
362- "size " => filesize ($ currentdir "/ " . $ file
363- "html " => "<li><a href=' $ currentdir / $ file' title=' $ file'><em-pdf> " . padstring ($ file20 ) . "</em-pdf><span></span><img src=' " . GALLERY_ROOT . "images/filetype_ " . $ extension".png' width=' $ thumb_size' height=' $ thumb_size' alt=' $ file' /></a> $ filename_caption</li> " );
358+ "date " => filemtime ($ current_dir "/ " . $ file
359+ "size " => filesize ($ current_dir "/ " . $ file
360+ "html " => "<li><a href=' $ current_dir / $ file' title=' $ file'><em-pdf> " . padstring ($ file20 ) . "</em-pdf><span></span><img src=' " . GALLERY_ROOT . "images/filetype_ " . $ extension".png' width=' $ thumb_size' height=' $ thumb_size' alt=' $ file' /></a> $ filename_caption</li> " );
364361 }
365362 }
366363 }
367364 closedir ($ handle
368365} else {
369- die ("ERROR: Could not open " . htmlspecialchars (stripslashes ($ currentdir " for reading! " );
366+ die ("ERROR: Could not open " . htmlspecialchars (stripslashes ($ current_dir " for reading! " );
370367}
371368
372369//-----------------------
@@ -468,15 +465,15 @@ function guardAgainstDirectoryTraversal($path) {
468465
469466//Include hidden links for all images BEFORE current page so lightbox is able to browse images on different pages
470467for ($ y0 ; $ y$ offset_startsizeof ($ dirs$ y
471- $ breadcrumb_navigation"<a href=' " . $ currentdir "/ " . $ files$ y"name " ] . "' class='hidden' title=' " . $ img_captions$ files$ y"name " ]] . "'></a> " ;
468+ $ breadcrumb_navigation"<a href=' " . $ current_dir "/ " . $ files$ y"name " ] . "' class='hidden' title=' " . $ img_captions$ files$ y"name " ]] . "'></a> " ;
472469}
473470
474471//-----------------------
475472// DISPLAY FOLDERS
476473//-----------------------
477474if (count ($ dirscount ($ files0 ) {
478475 $ thumbnails"<div class= \"Empty \"> $ label_noimages</div> <div class= \"EmptyAdvice \"> $ label_noimages_advice</div> " ; //Display 'no images' text
479- if ($ currentdir "photos " ) {
476+ if ($ current_dir "photos " ) {
480477 $ messages
481478 "It looks like you have just installed MiniGal Nano.
482479 Please run the <a href='system_check.php'>system check tool</a>. <br>
@@ -505,7 +502,7 @@ function guardAgainstDirectoryTraversal($path) {
505502}
506503
507504for ($ y$ i$ ysizeof ($ files$ y
508- $ page_navigation"<a href=' " . $ currentdir "/ " . $ files$ y"name " ] . "' class='hidden' title=' " . $ img_captions$ files$ y"name " ]] . "'></a> " ;
505+ $ page_navigation"<a href=' " . $ current_dir "/ " . $ files$ y"name " ] . "' class='hidden' title=' " . $ img_captions$ files$ y"name " ]] . "'></a> " ;
509506}
510507
511508//-----------------------
@@ -516,7 +513,7 @@ function guardAgainstDirectoryTraversal($path) {
516513}
517514
518515// Read folder comment.
519- $ comment_filepath$ currentdir $ file"/comment.html " ;
516+ $ comment_filepath$ current_dir $ file"/comment.html " ;
520517if (file_exists ($ comment_filepath
521518 $ fdfopen ($ comment_filepath"r " );
522519 $ comment"<div class= \"Comment \"> " . fread ($ fdfilesize ($ comment_filepath"</div> " ;
0 commit comments