setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); #$userManager = new \pvv\admin\UserManager($pdo); # #$as = new SimpleSAML_Auth_Simple('default-sp'); #$as->requireAuth(); #$attrs = $as->getAttributes(); #$loginname = $attrs['uid'][0]; # #if(!$loginname) { # header('Content-Type: text/plain', true, 403); # echo "Du må være logget inn for å se bildegalleriet.\r\n"; # exit(); #} # # $unamefile = __DIR__ . '/usernames.txt'; $relativePath = "/bilder/pvv-photos/"; $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'svg', 'webp']; $unamepairs = file($unamefile); $fullPath = getcwd() . $relativePath; function getDirContents($dir, &$results = array()) { $files = scandir($dir); foreach ($files as $key => $value) { $path = realpath($dir . DIRECTORY_SEPARATOR . $value); if (!is_dir($path)) { //Remove the full path on disk, keep username and relative path to image. ( $results[] = str_replace($GLOBALS["fullPath"], "", $path); is insecure.) $pos = strpos($path, $GLOBALS["fullPath"]); if ($pos !== false) { $cleanPath = substr_replace($path, "", $pos, strlen($GLOBALS["fullPath"])); } //Check if the file is an image $ext = pathinfo($path, PATHINFO_EXTENSION); if (in_array($ext, $GLOBALS["allowedExtensions"])) { $results[] = $cleanPath; } } else if ($value != "." && $value != "..") { //recursively scan directories getDirContents($path, $results); } } return $results; } $images = getDirContents($fullPath); $imageTemplate = '
%realname
%user