setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $userManager = new \pvv\admin\UserManager($pdo); $as = new SimpleSAML_Auth_Simple('default-sp'); $as->requireAuth(); $attrs = $as->getAttributes(); $loginname = $attrs['uid'][0]; if(!$loginname) { header('Content-Type: text/plain', true, 403); echo "Du må være logget inn for å se bildegalleriet.\r\n"; exit(); } $unamefile = __DIR__ . '/usernames.txt'; $relativePath = "/bilder/pvv-photos/"; $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'svg', 'webp']; $unamepairs = file($unamefile); $fullPath = getcwd() . $relativePath; function getDirContents($dir, &$results = array()) { $files = scandir($dir); foreach ($files as $key => $value) { $path = realpath($dir . DIRECTORY_SEPARATOR . $value); if (!is_dir($path)) { //Remove the full path on disk, keep username and relative path to image. ( $results[] = str_replace($GLOBALS["fullPath"], "", $path); is insecure.) $pos = strpos($path, $GLOBALS["fullPath"]); if ($pos !== false) { $cleanPath = substr_replace($path, "", $pos, strlen($GLOBALS["fullPath"])); } //Check if the file is an image $ext = pathinfo($path, PATHINFO_EXTENSION); if (in_array($ext, $GLOBALS["allowedExtensions"])) { $results[] = $cleanPath; } } else if ($value != "." && $value != "..") { //recursively scan directories getDirContents($path, $results); } } return $results; } $images = getDirContents($fullPath); $imageTemplate = '
%name

%realname

%user

' ?> Fotoverkstedet
$value) { $modTime = date("d.m.Y H:i", filemtime($fullPath . $value)); $imguser = explode("/", $value)[0]; $displaypath = substr($value, strpos($value, "/")+1); $realname = "Ukjent"; foreach ($unamepairs as $unamepair) { $unamepair = explode(":", $unamepair); if ($unamepair[0] == $imguser) { $realname = $unamepair[1]; break; } } $vars = [ "%user" => htmlspecialchars($imguser), "%time" => $modTime, "%timestamp" => filemtime($fullPath . $value), "%name" => htmlspecialchars($displaypath), "%path" => "/galleri/" . $relativePath .$value, "%realname" => htmlspecialchars($realname) ]; echo strtr($imageTemplate, $vars); } ?>