// /-------------------------------------------------\ // | ############################################### | // | # ------------------------------------------- # | // | # --- Picy - a simple PHP folder gallery ---- # | // | # ------------------------------------------- # | // | ############################################### | // | # http://picy.infinitesimal.org/ # | // | ############################################### | // | # © 2004 - Adrian Stutz # | // | # This script is licensed unter a # | // | # creative Commons License. # | // | # http://creativecommons.org/licenses ¬ # | // | # /by-nc-sa/2.0/de/ # | // | # adrian.stutz@gmail.com # | // | ############################################### | // | # Table of Contents: # | // | # 0. Settings (line 49) # | // | # 1. Init (line 114) # | // | # 2. Redirects (line 187) # | // | # 3. Misc Functions (line 217) # | // | # 4. Final Theme Function (line 262) # | // | # 5. Create Thumbnail Function (line 292) # | // | # 6. Is_pic Function (line 417) # | // | # 7. Get_files Function (line 436) # | // | # 8. Fill_info Function (line 470) # | // | # 9. Main (line 559) # | // | # 10. Compile Main Output (line 601) # | // | # 11. Image Viewer (line 726) # | // | # 12. Tunnel Picture Function (line 902) # | // | # 13. Warning For Ie Users (line 1023) # | // | # 14. Pictures Stored Interally (line 1041) # | // | # 15. Themes (line 1073) # | // | ############################################### | // \-------------------------------------------------/ // Pre-init defenitions define ('THM_INT',true,false); define ('THM_EXT',false,false); // Use following code to set the table picy_hp up: /* CREATE TABLE `picy` ( `ip` tinytext NOT NULL, `key` tinytext, `pic` tinytext, PRIMARY KEY (`ip`(11)) ); */ // --------------------------------------------------- // -- 0. SETTINGS ------------------------------------ // --------------------------------------------------- // 'image/jpeg','gif'=>'image/gif','png'=>'image/png'); // Secure passed pictures from hotlinking? (thumbnails and pics small than thumbnails will be excluded from this) // - Options: true or false $set['img_hotprot'] = false; // Hotlinking protection type // - Options: 'file', 'mysql' or 'session' $set['img_hp_type'] = 'session'; // ## View ########################################## // Display how many pictures per page? // - Options: Positive non-decimal number from 1 to uselessly large $set['pics_pp'] = 36; // Range for user selectable number of pics per page, set to 'array ($set['pics_pp'],$set['pics_pp']);' to disable. // - Options: Two positive non-decimal numbers from 1 to uselessly large. First number must be smaller as or equal to the second $set['pp_range'] = array ($set['pics_pp'],$set['pics_pp']); // Use internal picy viewer? If not, the picture will be shown normally (like entering it directly into the browser) // - Options: true or false $set['use_viewer'] = true; // Pad Strings to x chars where apropriate // - Options: Positive non-decimal number from 1 to uselessly large $set['padlen'] = 18; // Theme-override for IE users. // - Options: false to turn it off or a theme index number $set['iethm'] = false; // Theme type and name. You can specify more use them one subgalleries (.pcx, while x is the numerical index of the theme) // - Options: array (x,y) where x is either THM_INT for internal and THM_EXT for external themes and y the name for filename $set['themes'] = array (array (THM_INT,'std'),array (THM_INT,'html401')); // Standard theme to use // - Options: Array index of the theme, positive non-decimal number including 0 $set['cthm'] = 0; // Theme user selectable (using thm=x in the url) // - Options: true or false $set['user_thm'] = true; // Display all folders in the gallery regardless of their extension? // - Options: true or false $set['all_folders'] = false; // ## Thumbnails ########################################## // Create thumbnails? This will automatically try to create a thumbnail once a picture without one is found. // - Options: true or false $set['make_thmbs'] = true; // Thumbnail size. Aspect ratio will be retained, those are max values. // - Options: array (x,y) where x is thumbnail width and y height. $set['tmb_size'] = array (100,75); // What thumbnail creation method to use? If the array has more than one value, the latter one will be used if the first fails. // - Options: 'gd' for internal php library (JPEG and PNG support, only GIF read support for PHP < 5 [see $set['gif_convto'] option]).'magick' for ImageMagick. // Has to be installed and proper path provided ($set['magick_path']). [http://www.imagemagick.org/] $set['tmb_method'] = array ('magick','gd'); // Path to the ImageMagick executables. // - Options: String or empty string ('') if ImageMagick is installed global $set['magick_path'] = ''; // Normally, ImageMagick will create thumbnails in the same format as the original picture. If you want different formats for thumbnailsyou can specify them here. // e.g. array ('gif'=>'png','tiff'=>'jpg'); would create png thumbnails for gif and jpg for tiff images. // - Options: 'x'=>'y' where x is extension defined in $set['img_exts'] and y extension supported by ImageMagick $set['conv_types'] = array (); // If you're using a GD version without GIF write support, you can specify here, what format thumbnails should be created in for GIF images. // - Options: 'png' or 'jpeg'. $set['gif_convto'] = 'png'; // ## MySQL ########################################## // MySQL options used for mysql image hotlinking (has to be activated by $set['img_hotprot'] and $img_ht_type. $set['mq_server'] = 'localhost'; $set['mq_user'] = ''; $set['mq_password'] = ''; $set['mq_db'] = ''; // !!> // --------------------------------------------------- // -- 1. INIT ---------------------------------------- // --------------------------------------------------- $picy_version = 'v0.7'; $msgs = array (); $pics = array (); // type names $types = array (1 => 'GIF', 2 => 'JPG', 3 => 'PNG', 4 => 'SWF', 5 => 'PSD', 6 => 'BMP', 7 => 'TIFF (intel byte order)', 8 => 'TIFF (motorola byte order)', 9 => 'JPC', 10 => 'JP2', 11 => 'JPX', 12 => 'JB2', 13 => 'SWC', 14 => 'IFF', 15 => 'WBMP', 16 => 'XBM'); // load current folder $folder = dirname ($_SERVER['SCRIPT_FILENAME']).'/'; $picy_root = dirname ($_SERVER['SCRIPT_FILENAME']); // not root folder? if (isset ($_GET['f']) && trim ($_GET['f']) != '') { // compile new path $fpath = str_replace ('..','',$_GET['f']); // enforce trailing slash if (substr ($fpath,-1) != '/') $fpath .= '/'; $folder .= $fpath; } else { $fpath = ''; } // valid folder? if (!file_exists ($folder) || !is_dir ($folder)) { $msgs[] = 'No valid directory.'; error (); } // set theme if ($fpath != '' && preg_match ('/(\.pc)(\d{1,2})$/',basename ($fpath))) { $set['cthm'] = preg_replace ('/(.*)(\.pc)(\d{1,2})$/','\3',basename ($fpath)); if (!isset ($set['themes'][$set['cthm']])) { $set['cthm'] = 0; $msgs[] = 'Theme not found.'; } } // prepare pass vars $qps = array(); $passvars = array ('f','pp','offset','warnok'); foreach ($passvars as $pv) { if (isset ($_GET[$pv])) $qps[$pv] = $_GET[$pv]; } // pp in range? if (isset ($_GET['pp'])) { if ($_GET['pp'] < $set['pp_range'][0]) { $msgs[] = 'Pics per page value out of range (can be no less than '.$set['pp_range'][0].')'; $set['pics_pp'] = $set['pp_range'][0]; } elseif ($_GET['pp'] > $set['pp_range'][1]) { $msgs[] = 'Pics per page value out of range (can be no more than '.$set['pp_range'][1].')'; $set['pics_pp'] = $set['pp_range'][1]; } else { $set['pics_pp'] = (int)$_GET['pp']; } } // ie users if ($set['iethm'] !== false && !isset ($_GET['warnok']) && !isset ($_GET['dp']) && strpos ($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false && strpos ($_SERVER['HTTP_USER_AGENT'],'Opera') === false) { $set['cthm'] = $set['iethm']; } // select theme if ($set['user_thm'] && isset ($_GET['thm'])) { $set['cthm'] = (int)$_GET['thm']; if (!isset ($set['themes'][$set['cthm']])) { $set['cthm'] = 0; $msgs[] = 'Theme not found.'; } } // --------------------------------------------------- // -- 2. REDIRECTS ----------------------------------- // --------------------------------------------------- // redirect for picture output if (isset ($_GET['dp'])) { pass_pic ($_GET['dp']); exit; } // redirect for picture tunnel if (isset ($_GET['pic'])) { tunnel_pic ($_GET['pic']); exit; } // redirect for viewer if (isset ($_GET['view'])) { show_viewer ($_GET['view']); exit; } // --------------------------------------------------- // -- 3. MISC FUNCTIONS ------------------------------ // --------------------------------------------------- function pad_string ($str,$len=-1) { global $set; if ($len == -1) $len = $set['padlen']; if (strlen ($str) > $len) { $str = substr ($str,0,$len-3); $str .= '...'; } return $str; } function make_query ($args) { global $qps; $temp = array_merge ($qps,$args); $qstr = ''; foreach ($temp as $key => $var) { if ($var !== false) $qstr .= '&'.$key.'='.$var; } return $qstr; } function error () { print_main (); exit; } function picy_mysql_conn () { global $set,$msgs; $connection = mysql_connect($set['mq_server'],$set['mq_user'],$set['mq_password']); if (!$connection) { $msgs[] = 'MySQL connection failed for picy hotlink protection.'; error (); } $db = mysql_select_db($set['mq_db'],$connection); if (!$db) { $msgs[] = 'Couldn\'t select mysql DB for picy hotlink protection.'; error (); } } // --------------------------------------------------- // -- 4. FINAL THEME FUNCTION ------------------------ // --------------------------------------------------- function print_main ($mainbit='',$mainwidth=525) { global $thm, $msgs, $set; if (!isset ($thm['html'])) load_theme ($set['themes'][$set['cthm']][1],$set['themes'][$set['cthm']][0]); // header + errors if (count ($msgs) > 0) { $out_temp = array (); foreach ($msgs as $msg) { $out_temp[] = str_replace ('%%msg%%',$msg,$thm['msgs_bit']); } $msgbit = str_replace ('%%msgs%%',implode('',$out_temp),$thm['msgs']); } else { $msgbit = ''; } $mainbit = $msgbit.$mainbit; // final output $html = str_replace ('%%res-name%%',basename($folder),$thm['html']); $html = str_replace ('%%main-width%%',$mainwidth,$html); print str_replace ('%%picy-main%%',$mainbit,$html); } // --------------------------------------------------- // -- 5. CREATE THUMBNAIL FUNCTION ------------------- // --------------------------------------------------- function make_thmb ($pfn) { global $msgs,$set,$types; $success = false; foreach ($set['tmb_method'] as $tm) { if ($tm == 'gd') { $info = getimagesize ($pfn); // get image types supported $gd_info = gd_info (); $handlers = array (); if ($gd_info['GIF Read Support']) $handlers[1] = 'imagecreatefromgif'; if ($gd_info['JPG Support']) $handlers[2] = 'imagecreatefromjpeg'; if ($gd_info['PNG Support']) $handlers[3] = 'imagecreatefrompng'; $outh = array (1=>'imagegif',2=>'imagejpeg',3=>'imagepng'); if (!$gd_info['GIF Create Support']) { $outh[1] = 'image'.$set['gif_convto']; $msgs[] = 'GIF image thumbnails will be converted to '.$set['gif_convto'].'.'; } if (array_key_exists ($info[2],$handlers)) { // load image $func = $handlers[$info[2]]; $img = $func ($pfn); if ($img == '') { $msgs[] = "GD: Image '".basename($pfn)."' could not be opened."; continue; } // determin resize factor if ($info[0] > $info[1]) { $factor = $set['tmb_size'][0]/$info[0]; } else { $factor = $set['tmb_size'][1]/$info[1]; } if ($factor > 1) $factor = 1; // thumbnail sizes $width = $info[0] * $factor; $height = $info[1] * $factor; // resize image $tmb = imagecreatetruecolor ($width,$height); imagecopyresampled ($tmb,$img,0,0,0,0,$width,$height,$info[0],$info[1]); // new filename $afn = basename ($pfn); $type = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$afn); $fn = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$afn).'.tmb.'.$type; // write thumbnail $func = $outh[$info[2]]; @$func ($tmb,dirname($pfn).'/'.$fn); if (!file_exists (dirname($pfn).'/'.$fn)) { $msgs[] = "GD: Couldn't write thumbnail for '".$afn."'."; continue; } else { $msgs[] = "'".$afn."': Thumbnail created with GD."; $success = true; break; } } else { $msgs[] = "GD: Picture format '".$types[$info[2]]."' not supported for thumbnail creation."; continue; } } elseif ($tm == 'magick') { // compile new filename $afn = basename ($pfn); $type = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$afn); if (!isset ($set['conv_types'][$type])) $set['conv_types'][$type] = $type; $fn = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$afn).'.tmb.'.$set['conv_types'][$type]; // do not upsample $info = getimagesize ($pfn); // determin resize factor if ($info[0] > $info[1]) { $factor = $set['tmb_size'][0]/$info[0]; } else { $factor = $set['tmb_size'][1]/$info[1]; } if ($factor > 1) $factor = 1; // thumbnail sizes $width = $info[0] * $factor; $height = $info[1] * $factor; // compile command $command = $set['magick_path'].'convert -size '.$width.'x'.$height.' "'.$pfn.'" '; $command .= '-resize '.$width.'x'.$height.' +profile "*" '; $command .= '"'.dirname($pfn).'/'.$fn.'" 2>&1'; $error = shell_exec ($command); if (!file_exists (dirname($pfn).'/'.$fn)) { if ($error != '') { $msgs[] = "ImageMagick: Couldn't create thumbnail for ".$afn." (".$error.")"; continue; } else { $msgs[] = "ImageMagick: Couldn't create thumbnail for ".$afn." (unknown reason)."; continue; } } $msgs[] = "'".$afn."': Thumbnail created with ImageMagick."; $success = true; break; } else { $msgs[] = "'".$tm."': unkown method for thumbnail creation."; continue; } } return $success; } // --------------------------------------------------- // -- 6. IS_PIC FUNCTION ----------------------------- // --------------------------------------------------- function is_pic ($str,$no_folders=false,$thumbs=false) { global $set,$folder; if (in_array (preg_replace ('/(.*)(\.)([^.]+)$/','\3',strtolower($str)),$set['img_exts']) && strstr ($str,'.blk.') === false && ($thumbs || strstr ($str,'.tmb.') === false)) { return true; } elseif (is_dir ($folder.$str) && !$no_folders && (preg_match ('/(\.pc)(\d{1,2})$/',strtolower($str)) || $set['all_folders'])) { return true; } else { return false; } } // --------------------------------------------------- // -- 7. GET_FILES FUNCTION -------------------------- // --------------------------------------------------- function get_files ($path) { global $msgs; // Check if folder if (!is_dir ($path)) { $msgs[] = "'".basename($paht)."': Is not a folder."; return false; } // Try to open folder $dir = opendir ($path); if ($dir === false) { $msgs[] = "'".basename($paht)."': Could not be opened."; return false; } // Read files into array while (($cf = readdir ($dir)) !== false) { if ($cf != '..' && $cf != '.') { $files[] = $cf; } } @natcasesort ($files, 'DateCmp'); return $files; } // --------------------------------------------------- // -- 8. FILL_INFO FUNCTION -------------------------- // --------------------------------------------------- function fill_info ($pic) { global $set, $folder, $fpath, $types; // Check if folder if (!is_dir ($folder.$pic)) { // compile basic info $info['ext'] = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic); $info['name'] = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$pic); // special link for viewer if ($set['use_viewer']) { $info['link'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('view'=>$pic)); } else { $info['link'] = $fpath.$pic; } // special path for passthru if ($set['img_passthru']) { $info['path'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$pic)); } else { $info['path'] = $fpath.$pic; } $info['path_int'] = $folder.$pic; // get additonal info $temp = getimagesize ($folder.$pic); $info['size'] = filesize($folder.$pic); $info['width'] = $temp[0]; $info['height'] = $temp[1]; $info['type'] = $types[$temp[2]]; // check for thumbnail / do we need a thumbnail anyway? if ($temp[0] < $set['tmb_size'][0] && $temp[1] < $set['tmb_size'][1]) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$pic; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$pic)); } } elseif (file_exists ($folder.$info['name'].'.tmb.'.$info['ext'])) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$info['name'].'.tmb.'.$info['ext']; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$info['name'].'.tmb.'.$info['ext'])); } } else { // create thumbnail if requested if ($set['make_thmbs']) { if (make_thmb ($info['path_int'])) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$info['name'].'.tmb.'.$info['ext']; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$info['name'].'.tmb.'.$info['ext'])); } } else { $info['thm'] = false; } } else { $info['thm'] = false; } } } else { // compile basic info $info['ext'] = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic); $info['name'] = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$pic); $info['link'] = $_SERVER['PHP_SELF'].'?'.make_query (array('f'=>$fpath.$pic,'offset'=>false)); $info['path_int'] = $folder.$pic; // get additonal info $info['type'] = 'Folder'; $info['thm'] = $_SERVER['PHP_SELF'].'?dp=folder'; } return $info; } // --------------------------------------------------- // -- 9. MAIN ---------------------------------------- // --------------------------------------------------- // generate hierarchy $hyr[] = array ('name'=>preg_replace ('/(.*)(\.)([^.]+)$/','\1',basename($picy_root)),'link'=>$_SERVER['PHP_SELF'].'?'.make_query(array('f'=>false,'offset'=>false))); $parts = explode ('/',$fpath); $temppath = ''; foreach ($parts as $part) { if ($part != '') { $temppath .= $part.'/'; $hyr[] = array ('name'=>preg_replace ('/(.*)(\.)([^.]+)$/','\1',$part),'link'=>($_SERVER['PHP_SELF'].'?'.make_query(array('f'=>$temppath,'offset'=>false)))); } } // open folder $files = get_files ($folder); // Offset if (!isset ($_GET['offset'])) { $off = 0; } else { $off = (int)$_GET['offset']; } $pics = array (); // filter pictures $picfiles = array_filter ($files,'is_pic'); $picfiles = array_values ($picfiles); // total pictures $pn = count ($picfiles); // search for pictures / fill with info for ($i=$off;$i 0) { $info_tags = array ('%%pic-link%%','%%pic-path%%','%%pic-name%%','%%pic-size%%', '%%tbl-width%%','%%img-type%%','%%tmb-width%%','%%tmb-height%%', '%%pic-width%%','%%pic-height%%'); $tdbits = array (); $rowbits = array (); $pagebit = ''; $tablebit = ''; $hyrbit = ''; for ($i=0;$i $lp) { return $lp; } else { return $int; } } // generate page links $page_tags = array ('%%first-page%%','%%last-page%%','%%prev-page%%','%%next-page%%'); $page_bitags = array ('%%page-n-link%%','%%page-n-num%%'); $tags_data = array ($_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>'0')), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>$lp)), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>obey_limits($_GET['offset']-$set['pics_pp']))), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>obey_limits($_GET['offset']+$set['pics_pp'])))); // output $pbits = array (); for ($i=1;$i<=ceil($pn/$set['pics_pp']);$i++) { $bittags_data = array ($_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>(($i-1)*$set['pics_pp']))),$i); $pbits[] = str_replace ($page_bitags,$bittags_data,$thm['pgs_bit']); } $pagebit = str_replace ($page_tags,$tags_data,$thm['pgs']); $pagebit = str_replace ('%%pages%%',implode('',$pbits),$pagebit); } // compile folder hierarchy for ($i=0;$i$fpath))); // generate key for hotlink protection if ($set['img_hotprot']) { if ($set['img_hp_type'] == 'file') { // generate key $key = substr (md5 (uniqid (rand())),0,10); // check for file if (file_exists ($folder.'picy_key_'.$key.'.pkf')) { $msgs[] = 'Key collision error.'; error (); } // write key $keyfile = fopen ($folder.'picy_key_'.$key.'.pkf','w'); if ($keyfile === false) { $msgs[] = 'Cannot open dir for writing.'; error (); } $status = fwrite ($keyfile,time()); if ($status === false) { $msgs[] = 'Cannot write file.'; error (); } fclose ($keyfile); // pass key $tags_data[0] = $curr['path'].'&key='.$key; } elseif ($set['img_hp_type'] == 'mysql') { // connect picy_mysql_conn (); // generate key $key = substr (md5 (uniqid (rand())),0,10); // add to database $sql = "REPLACE INTO picy (`ip`,`pic`,`key`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".addslashes($pic)."','".$key."')"; $err = mysql_query ($sql); if (!$err) { $msgs[] = 'A MySQL error occured.'; } // pass key $tags_data[0] = $curr['path'].'&key='.$key; } elseif ($set['img_hp_type'] == 'session') { // start session session_start (); // save into session $_SESSION['hp']['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['hp']['pic'] = $pic; } else { $msgs[] = 'Unkown hotlink protection type.'; error (); } } // main width if ($curr['width']+26 > 525) { $width = $curr['width']+26; } else { $width = 525; } $picbit = str_replace ($info_tags,$tags_data,$thm['viewer']); $picbit = str_replace ('%%prev%%',$prevbit,$picbit); $picbit = str_replace ('%%next%%',$nextbit,$picbit); print_main ($picbit,$width); } // --------------------------------------------------- // -- 12. TUNNEL PICTURE FUNCTION -------------------- // --------------------------------------------------- function tunnel_pic ($pic) { global $folder, $fpath, $set, $msgs; // valid picture? if (!is_pic (basename($pic),true,true)) { $msgs[] = 'No valid picture.'; error (); } // get folder contents $files = get_files ($folder); // only valid pictures // make is_pic function with no folders for callback function is_pic_nf (&$str) { return is_pic ($str,true,true); } // remove non-pic files and folders $files = array_filter ($files,'is_pic_nf'); // reindex array $files = array_values ($files); // look for picture if (($pos = array_search ($pic,$files)) === false) { $msgs[] = 'Picture not found.'; error (); } // get dimensions $temp = getimagesize ($folder.$pic); // hotlink protection if ($set['img_hotprot'] && strstr ($pic,'.tmb.') === false && ($temp[0] > $set['tmb_size'][0] && $temp[1] > $set['tmb_size'][1])) { // no dir up-s $_GET['key'] = str_replace ('..','',$_GET['key']); if ($set['img_hp_type'] == 'file') { if (trim ($_GET['key']) == '' || !file_exists ($folder.'picy_key_'.$_GET['key'].'.pkf')) { $msgs[] = 'You don\'t have permission to access this file.'; error (); } else { unlink ($folder.'picy_key_'.$_GET['key'].'.pkf'); } } elseif ($set['img_hp_type'] == 'mysql') { // open connection picy_mysql_conn (); // look for key $sql = "SELECT * FROM picy WHERE ip = '".$_SERVER['REMOTE_ADDR']."' AND pic = '".addslashes($pic)."'"; $res = mysql_query ($sql); if (!$res) { $msgs[] = 'A MySQL error occured.'; error (); } if (!mysql_num_rows ($res) == 0) { if (mysql_result ($res,0,'key') != $_GET['key']) { $msgs[] = 'You don\'t have permission to access this file.'; error (); } } else { $msgs[] = 'You don\'t have permission to access this file.'; error (); } // remove key $sql = "DELETE * FROM picy WHERE ip = '".$_SERVER['REMOTE_ADDR']."'"; mysql_query ($sql); } elseif ($set['img_hp_type'] == 'session') { // start session session_start (); if (!isset ($_SESSION['hp']) || $_SESSION['hp']['ip'] != $_SERVER['REMOTE_ADDR'] || $_SESSION['hp']['pic'] != $pic) { unset ($_SESSION['hp']); $msgs[] = 'You don\'t have permission to access this file.'; error (); } unset ($_SESSION['hp']); } else { $msgs[] = 'Unkown hotlink protection type.'; error (); } } // get file extension $ext = strtolower (preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic)); if (!isset ($set['mime_types'][$ext])) { $msgs[] = 'No suiteable MIME type found.'; error (); } // tunnel picture $file = fopen ($folder.$pic,'rb'); if ($file === false) { $msgs[] = 'Picture couldn\'t be opened.'; error (); } header ('Content-type: '.$set['mime_types'][$ext]); fpassthru ($file); fclose ($file); } // --------------------------------------------------- // -- 14. PICTURES STORED INTERALLY ------------------ // --------------------------------------------------- function pass_pic ($p) { // } elseif ($p == 'file') { // } elseif ($p == 'icon') { // } elseif ($p == 'logo') { // } elseif ($p == 'almost-html401') { // } // !!> } // --------------------------------------------------- // -- 15. THEMES ------------------------------------- // --------------------------------------------------- function load_theme ($tname,$internal=THM_INT) { global $msgs, $thm, $picy_version; if ($internal == THM_INT) { // Cats!
%%picy-main%%
flex minerals

flex minerals

 excite richard dale evans wv

richard dale evans wv

 mile 8n ford wiring diagrams

8n ford wiring diagrams

 am star on barn

star on barn

 house sell pag light

sell pag light

 slip monterey mattress co

monterey mattress co

 front the bowen agency

the bowen agency

 decimal ypsilanti girls porn

ypsilanti girls porn

 finish pennysaver holbrook ny

pennysaver holbrook ny

 fish west virginia taxable districts

west virginia taxable districts

 wide david bauscher

david bauscher

 old bradford suites dallas texas

bradford suites dallas texas

 every taylors entertainmant news

taylors entertainmant news

 men accokeek md house fire

accokeek md house fire

 scale disney character pluto pictures

disney character pluto pictures

 consonant zinnie s memphis tn

zinnie s memphis tn

 born allen tepper realty

allen tepper realty

 magnet disney pixar cars pics

disney pixar cars pics

 step jesus olmos chris pitts

jesus olmos chris pitts

 fine brain injury awareness day

brain injury awareness day

 stood stanley park westfield ma

stanley park westfield ma

 flow simpson holsclaw cooney

simpson holsclaw cooney

 which delft blue garden globe

delft blue garden globe

 snow paris airfare sale

paris airfare sale

 flow crandon park beach

crandon park beach

 up gerald r ford biography

gerald r ford biography

 wing star barn soap company

star barn soap company

 place atkinson invisible drum set

atkinson invisible drum set

 grass leah fairbanks

leah fairbanks

 science ancient rome water fountains

ancient rome water fountains

 written chase freedom card rewards

chase freedom card rewards

 smile clearlake apartments

clearlake apartments

 current upstate ny homes

upstate ny homes

 teeth black robes fur trade

black robes fur trade

 cell dayton plastics needmore road

dayton plastics needmore road

 during ford dohc 32v history

ford dohc 32v history

 knew courier herald dublin georgia

courier herald dublin georgia

 little tully s cicero ny

tully s cicero ny

 hour the dry stone conservancy

the dry stone conservancy

 clean creekside park hoa

creekside park hoa

 brown walton seafood maryland

walton seafood maryland

 interest school of rock chalkboard

school of rock chalkboard

 fish weather columbia missouri 65201

weather columbia missouri 65201

 wear john childress carter

john childress carter

 cut natoma jazz band

natoma jazz band

 pattern madison resources group

madison resources group

 bring the car store adel

the car store adel

 chair matt ramsey peter north

matt ramsey peter north

 voice fay ranches montana

fay ranches montana

 take ma barker newton boys

ma barker newton boys

 back leavenworth wa motels

leavenworth wa motels

 race south east europe energy treaty

south east europe energy treaty

 count napa flood protection

napa flood protection

 paper winnebago illinois courthouse

winnebago illinois courthouse

 nine the circuit portland oregon

the circuit portland oregon

 answer iberia airfares discounted fares

iberia airfares discounted fares

 ground ben franklins proverbs

ben franklins proverbs

 have grayton beach florida rental

grayton beach florida rental

 nose fedex warehouse indianapolis

fedex warehouse indianapolis

 opposite john michael scheufler

john michael scheufler

 before megann hazen

megann hazen

 student stanley turrentine sugar vocals

stanley turrentine sugar vocals

 shell refilled printer cartriges

refilled printer cartriges

 stood holiday vacations wbng

holiday vacations wbng

 school sandra dickinson

sandra dickinson

 figure rodney naylor violet smith

rodney naylor violet smith

 rub claudia s lightworker supplies

claudia s lightworker supplies

 count serena williams private photos

serena williams private photos

 danger bitch jet

bitch jet

 cry claremont veterinary hospital oakland

claremont veterinary hospital oakland

 start naruto english episode 190

naruto english episode 190

 organ flagstaff skate parks

flagstaff skate parks

 thing remington 12 gauge pump

remington 12 gauge pump

 way karla rose

karla rose

 spot hp touchscreen media desktop

hp touchscreen media desktop

 forest chilis in apopka

chilis in apopka

 organ worldfest louisville

worldfest louisville

 division andes mountains skiing

andes mountains skiing

 drink dr charuk hamilton nj

dr charuk hamilton nj

 noon las vegas limo companys

las vegas limo companys

 reach madison homes manufactured california

madison homes manufactured california

 region childsuper models archives

childsuper models archives

 planet ibm littleton westford

ibm littleton westford

 test dodge truck armrest cover

dodge truck armrest cover

 level hotel map of rome

hotel map of rome

 party rebecca jean smallbone said

rebecca jean smallbone said

 children bicycle light addaptor

bicycle light addaptor

 early home made panty videos

home made panty videos

 guess craig davis chargers

craig davis chargers

 good colorado rockies shane lowe

colorado rockies shane lowe

 work computer stores in hamilton

computer stores in hamilton

 those hohner marine band

hohner marine band

 here frost maine coast

frost maine coast

 weather scary north dakota

scary north dakota

 floor apo pills

apo pills

 street home comfort center harbour

home comfort center harbour

 produce santo domingo beauty salon

santo domingo beauty salon

 require washington state population graphs

washington state population graphs

 spread huxford encylopedia fiesta ware

huxford encylopedia fiesta ware

 opposite copper olive oil can

copper olive oil can

 very turkey appliques

turkey appliques

 build phoenix fetish ball

phoenix fetish ball

 feet harvey ward genealogy

harvey ward genealogy

 happen corseted ball gowns

corseted ball gowns

 sky carole king hardrock cafe

carole king hardrock cafe

 name atlantic eyecare

atlantic eyecare

 town jonathan stetson

jonathan stetson

 kind upscale modular home

upscale modular home

 fall patriots of united states

patriots of united states

 forward quotes from winston churchhill

quotes from winston churchhill

 fat natotorium orange texas

natotorium orange texas

 wall warren zebon

warren zebon

 soil universal madness gear

universal madness gear

 to jean shepherd michigan

jean shepherd michigan

 study garth brooks cords

garth brooks cords

 speech cannon paddles m2

cannon paddles m2

 must assault garfield wallington nj

assault garfield wallington nj

 time first leeds airport york

first leeds airport york

 cook surplus coats

surplus coats

 write vivian martin and bromley

vivian martin and bromley

 enemy hong kong park restaurant

hong kong park restaurant

 dead simpsons uncut torrent

simpsons uncut torrent

 rain commercial weed trimmer

commercial weed trimmer

 fight brooks adrenaline asr sale

brooks adrenaline asr sale

 map tampa fl traffic

tampa fl traffic

 coat mendocino lodge

mendocino lodge

 nothing shell adirondack

shell adirondack

 block alex bennet

alex bennet

 stop napa neighborhoods

napa neighborhoods

 mean mr geoff bock

mr geoff bock

 white language census and california

language census and california

 roll stem cell learning activities

stem cell learning activities

 form condominium rental orlando florida

condominium rental orlando florida

 gray joshua harris baseball

joshua harris baseball

 row linen blend home dec

linen blend home dec

 car recipe for voodoo chicken

recipe for voodoo chicken

 few pamos hills

pamos hills

 pull grey hawks

grey hawks

 gray jeff fox enid oklahoma

jeff fox enid oklahoma

 fig gillmartin funeral home

gillmartin funeral home

 trip elizabeth ayers antique aprraisal

elizabeth ayers antique aprraisal

 no ee cummings poem automobile

ee cummings poem automobile

 fit janice dickinson supermodel

janice dickinson supermodel

 silver mini skirt beauties

mini skirt beauties

 bed power politics in organisations

power politics in organisations

 brown midwest stone specialists

midwest stone specialists

 bad snow leopard big cats

snow leopard big cats

 what edmonds underwater park impound

edmonds underwater park impound

 it benjamin franklin transportation

benjamin franklin transportation

 colony douglas frazier

douglas frazier

 enough rake definition

rake definition

 great irvine ca senior center

irvine ca senior center

 serve lz converting new york

lz converting new york

 planet family practitioner centerville ohio

family practitioner centerville ohio

 five mid cap green fund

mid cap green fund

 please rockport ar river

rockport ar river

 try fox girls 2005 pants

fox girls 2005 pants

 roll wastemanagement of fresno ca

wastemanagement of fresno ca

 baby radar weather ardmore ok

radar weather ardmore ok

 that john madden co denver

john madden co denver

 branch gwen swartz

gwen swartz

 pound dr bruce champagne manhattan

dr bruce champagne manhattan

 imagine bellhaven university jackson ms

bellhaven university jackson ms

 arrive lincoln continental anit theft

lincoln continental anit theft

 while 4x4 jeep safari corfu

4x4 jeep safari corfu

 window movie theater toms river

movie theater toms river

 rub virginia beach county

virginia beach county

 self kure beach youth fishing

kure beach youth fishing

 bottom charles darwin woollaston island

charles darwin woollaston island

 much exxon mobile credit center

exxon mobile credit center

 each shannon dourghty

shannon dourghty

 busy ben abell

ben abell

 too ireland asparagus

ireland asparagus

 difficult sage and swift caterers

sage and swift caterers

 term buckingham county high school

buckingham county high school

 clothe family lawers ontario

family lawers ontario

 nose aurora lens

aurora lens

 element nose peircing red deer

nose peircing red deer

 safe jeff s johnson ohio

jeff s johnson ohio

 ocean nelson cynthia norma

nelson cynthia norma

 sat amy san francisco

amy san francisco

 kill memorial funeral home fanwood

memorial funeral home fanwood

 wrote gary albers damcer

gary albers damcer

 fruit buy glass half globes

buy glass half globes

 floor lotus notes blocked email

lotus notes blocked email

 represent cocoa beach web cam

cocoa beach web cam

 produce cpr training birmingham alabama

cpr training birmingham alabama

 center clarence foote bill foote

clarence foote bill foote

 seem nathaniel jacob lee texas

nathaniel jacob lee texas

 invent licensed substance abuse counselor

licensed substance abuse counselor

 coast city of hoboken directions

city of hoboken directions

 sent alexander tyler a scottish

alexander tyler a scottish

 call kelly clarkson sober listen

kelly clarkson sober listen

 are cahoots columbus

cahoots columbus

 far phoenix theatre leicester

phoenix theatre leicester

 lake jace levinson san francisco

jace levinson san francisco

 dress crittenton medical center michigan

crittenton medical center michigan

 hot congressman john carter

congressman john carter

 several cheraw sc parks

cheraw sc parks

 dictionary dr adams greenwood sc

dr adams greenwood sc

 doctor nevada civil practice manual

nevada civil practice manual

 rise saints and villans summary

saints and villans summary

 win chevy cavalier exhaust parts

chevy cavalier exhaust parts

 said alton towers tickets online

alton towers tickets online

 triangle glasgow university admissions

glasgow university admissions

 find neon periodic sign

neon periodic sign

 press saline washing

saline washing

 there long branch boardwalk

long branch boardwalk

 true . canadian dollar 1945 price

canadian dollar 1945 price

 should revenge girlfriend videos ashley

revenge girlfriend videos ashley

 yet atlantic county democrats

atlantic county democrats

 lady willow park liquors

willow park liquors

 fish amelia s lite

amelia s lite

 swim pinus cembra blue mound

pinus cembra blue mound

 more alleman mandeville

alleman mandeville

 new andrews lighting gallery

andrews lighting gallery

 correct liquified propane gas

liquified propane gas

 fill zachary norwood

zachary norwood

 current melvin sheldon

melvin sheldon

 full musc chaplin s office

musc chaplin s office

 until caldwell idaho realtors

caldwell idaho realtors

 observe police brutality in california

police brutality in california

 lake ballroom dance costomes california

ballroom dance costomes california

 danger info on danish homes

info on danish homes

 score hydralift crane bolts

hydralift crane bolts

 search holly macdonald with hospice

holly macdonald with hospice

 thin victor 1212 2 ink replacement

victor 1212 2 ink replacement

 joy westpoint one penny 1941

westpoint one penny 1941

 stick 1800 club miami

1800 club miami

 run florida pillows

florida pillows

 bell caribbean isles home owners

caribbean isles home owners

 company shalom jerusalem hotel

shalom jerusalem hotel

 him staffa ontario

staffa ontario

 from brevard aikido lane yamada

brevard aikido lane yamada

 horse ralph strangis

ralph strangis

 picture oak versus cherry

oak versus cherry

 die kim grimes remax woodlands

kim grimes remax woodlands

 count bellevue hospital bellevue ohio

bellevue hospital bellevue ohio

 feel vimy ridge statues

vimy ridge statues

 love st andrews school eastbourne

st andrews school eastbourne

 sense russell hobbs south africa

russell hobbs south africa

 fit fairfax hyundai laura

fairfax hyundai laura

 planet global coalition peace justice

global coalition peace justice

 often northway 11

northway 11

 chart florida crawfordville julie phillips

florida crawfordville julie phillips

 close michigan courts infant euthanasia

michigan courts infant euthanasia

 learn lisa williams psychic scam

lisa williams psychic scam

 buy mustang sequential taillights

mustang sequential taillights

 twenty chrissy clifton

chrissy clifton

 wide marissa odonnell age

marissa odonnell age

 busy history of montreal olympics

history of montreal olympics

 run star laser cebu

star laser cebu

 read saab service herndon virginia

saab service herndon virginia

 search menard correctional center illinois

menard correctional center illinois

 root ozona yoga

ozona yoga

 story pasquales candia

pasquales candia

 son coastwide home page

coastwide home page

 symbol perkins county nebraska newspaper

perkins county nebraska newspaper

 connect nathaniel centre kingwood

nathaniel centre kingwood

 always camp murray wa uspfo

camp murray wa uspfo

 reason bear grylls training regime

bear grylls training regime

 hair stockton ag expo

stockton ag expo

 fit weather santa barbara california

weather santa barbara california

 captain canadian candy wholesale

canadian candy wholesale

 cool obit allen texas

obit allen texas

 say drew landing

drew landing

 stop portland oregon expo center

portland oregon expo center

 silver michigan gsid

michigan gsid

 yellow calculating home square footage

calculating home square footage

 bad 1974 ford heavy trucks

1974 ford heavy trucks

 square airport shuttle orlando florida

airport shuttle orlando florida

 separate green guard house wrap

green guard house wrap

 mean centennial college and scarborough

centennial college and scarborough

 young baymont inn suites bloomington

baymont inn suites bloomington

 range trenton frost

trenton frost

 fact amy purcell sykes

amy purcell sykes

 stand boston music ublishers

boston music ublishers

 path ortho in elk river

ortho in elk river

 steel textbooks at discount prices

textbooks at discount prices

 protect duncan cyclone

duncan cyclone

 dear sweetwater 1994 crazy fingers

sweetwater 1994 crazy fingers

 surface coldwater creek p

coldwater creek p

 grass boston roaster coffee co

boston roaster coffee co

 could commercial gas stoneham massachusetts

commercial gas stoneham massachusetts

 short alexander hamilton stephens said

alexander hamilton stephens said

 hole brandon mississippi live oaks

brandon mississippi live oaks

 port reading greek hebrew bible

reading greek hebrew bible

 end yankee sturbridge village

yankee sturbridge village

 live scott adams mcdonald s

scott adams mcdonald s

 protect arlington computer supplies

arlington computer supplies

 shout detroit allison diesel

detroit allison diesel

 show dakota dan myspace

dakota dan myspace

 length calvary chapel caldwell id

calvary chapel caldwell id

 made joanne everett email song

joanne everett email song

 enough script play for medusa

script play for medusa

 pull car accidents ashley bass

car accidents ashley bass

 stead president filmore matthew perry

president filmore matthew perry

 rich supship groton organization

supship groton organization

 play excel exam papers

excel exam papers

 loud hennepin tecnical college mn

hennepin tecnical college mn

 capital george s list

george s list

 son massage parlors in london

massage parlors in london

 experience ruger 10 22 rifle

ruger 10 22 rifle

 no kristen temple

kristen temple

 story newbern nc mailto

newbern nc mailto

 plural comfort inn shelbyville indiana

comfort inn shelbyville indiana

 hold boucher ford west bend

boucher ford west bend

 want mcas cherry point campground

mcas cherry point campground

 arrange r creighton connelly

r creighton connelly

 took clarion car audio au

clarion car audio au

 appear landforms in alberta canada

landforms in alberta canada

 mount richford vermont schools

richford vermont schools

 women camping warm lake id

camping warm lake id

 she chautauqua type family resorts

chautauqua type family resorts

 store lumos alliance

lumos alliance

 must okidata canada

okidata canada

 produce ambience on site spa toronto

ambience on site spa toronto

 take brookhaven wrestler

brookhaven wrestler

 division winchester short magnum

winchester short magnum

 young fastest marathon times

fastest marathon times

 self equestrian shops in oregon

equestrian shops in oregon

 stead ymca of hickory nc

ymca of hickory nc

 board melbourne fast money jobs

melbourne fast money jobs

 liquid erin thomas ryan homes

erin thomas ryan homes

 spread yasmine morocco porn

yasmine morocco porn

 main grays beach yarmouth

grays beach yarmouth

 rich rock creek beverage bottle

rock creek beverage bottle

 wall havelock nc airport

havelock nc airport

 agree paul s kingcake

paul s kingcake

 want standard process sp complete

standard process sp complete

 father passie solar house

passie solar house

 wild new albany schools ohio

new albany schools ohio

 led columbus relocation guide

columbus relocation guide

 young dawn linsley mc

dawn linsley mc

 dad selena ellis rms unlimited

selena ellis rms unlimited

 any mulder mill bay

mulder mill bay

 think widow tax exemption florida

widow tax exemption florida

 warm graham kerr beef stew

graham kerr beef stew

 suit gulfport us marine

gulfport us marine

 always molly shannon helen madden

molly shannon helen madden

 begin maquoketa state park iowa

maquoketa state park iowa

 know wtam radio cleveland ohio

wtam radio cleveland ohio

 eye aa hulls

aa hulls

 favor dodge stratus idle

dodge stratus idle

 take spider kane

spider kane

 our kathleen stanfield weinstein

kathleen stanfield weinstein

 carry the stargazer lily

the stargazer lily

 bought erin ellington gold pass

erin ellington gold pass

 direct missy tampa escort

missy tampa escort

 pass big fire norton oh

big fire norton oh

 better julie koehne davenport iowa

julie koehne davenport iowa

 steam asian elephant breeding

asian elephant breeding

 write amsterdam tome zone

amsterdam tome zone

 season plank for salmon

plank for salmon

 steel jersey open 2007 croquet

jersey open 2007 croquet

 any iowa homeschool forms

iowa homeschool forms

 stay albany ringling protest

albany ringling protest

 grew rockywold deephaven family camps

rockywold deephaven family camps

 ask prince of peace plano

prince of peace plano

 force 1979 chicago bears

1979 chicago bears

 atom sun princess deck plan

sun princess deck plan

 draw glen rotchin poetry

glen rotchin poetry

 age lake butler fl churches

lake butler fl churches

 drop highland park bloomington mn

highland park bloomington mn

 condition becky ellis tucson

becky ellis tucson

 hour hays personnel sydney

hays personnel sydney

 language clear creek casino

clear creek casino

 require hotel locarno nice fr

hotel locarno nice fr

 course queen victoria monuments pictures

queen victoria monuments pictures

 post fleming blanchard mccurdy said

fleming blanchard mccurdy said

 oh lewiston maine elks

lewiston maine elks

 energy minnesota outdoor magazine

minnesota outdoor magazine

 half bad cramps cushing s

bad cramps cushing s

 equal dylan thomas atlantic monthly

dylan thomas atlantic monthly

 busy new mexico sheriffs association

new mexico sheriffs association

 correct stowe s eva

stowe s eva

 our neil smith royal rodes

neil smith royal rodes

 support game house majhongg

game house majhongg

 law hot punk deborah driggs

hot punk deborah driggs

 half which powerpoint vista

which powerpoint vista

 cover 2007 disney christmas ornament

2007 disney christmas ornament

 remember natural gas grill charbroil

natural gas grill charbroil

 art thomas hennessey

thomas hennessey

 parent mount clemons ice arena

mount clemons ice arena

 feet stony creek elementary

stony creek elementary

 tire diesel engine cylinder glaze

diesel engine cylinder glaze

 wash lyme desease dogs

lyme desease dogs

 energy indianapolis 30 restaurant promotion

indianapolis 30 restaurant promotion

 sat roper electric freestanding range

roper electric freestanding range

 trip boston market thanksgiving

boston market thanksgiving

 fear carleton sound gay

carleton sound gay

 salt city parks searcy ar

city parks searcy ar

 seat tell boss day off

tell boss day off

 lost koenke ford

koenke ford

 about joe munden

joe munden

 voice tony bennett tour 2008

tony bennett tour 2008

 three jaffrey nh martin dunn

jaffrey nh martin dunn

 felt tim frasier bellevue illinois

tim frasier bellevue illinois

 one rentals in southern california

rentals in southern california

 clothe towers perrin home page

towers perrin home page

 high richmond engineering olympia

richmond engineering olympia

 die calvin washere com

calvin washere com

 second catron county newmexico

catron county newmexico

 fact bear one cam bow

bear one cam bow

 city the price of uranium

the price of uranium

 third ft lauderdale airport website

ft lauderdale airport website

 book alaskan bear hibernate

alaskan bear hibernate

 top railroad house band

railroad house band

 bone west memphis fence company

west memphis fence company

 close lake verney hotel wales

lake verney hotel wales

 excite abet california national university

abet california national university

 fig springfield xd pistol

springfield xd pistol

 once otto lee dean

otto lee dean

 supply
'; // Error Bit $thm['msgs'] = '

Messages:

%%msgs%%
'."\n"; $thm['msgs_bit'] = '
  • %%msg%%
    • '."\n"; // Picture Bit $thm['ind'] = ' %%rows%%
    '."\n"; $thm['ind_nopics'] = '

    No pictures found.
    '; $thm['ind_row_odd'] = ' %%tds%% '."\n"; $thm['ind_row_even'] = ' %%tds%% '."\n"; $thm['ind_pbit'] = '%%thumbn%% %%info%%'; $thm['ind_folderinfo'] = 'Folder'; $thm['ind_tmbbit'] = ' %%pic-name%%
    '; $thm['ind_notmbbit'] = ' No Thumbnail
    '; // pages bit $thm['pgs'] = '
    | Previous | %%pages%% Next |
    '."\n"; $thm['pgs_bit'] = '%%page-n-num%% | '; // hierachy bit $thm['hyrbit'] = '⁄ %%f-name%% '; // viewer bit $thm['viewer'] = '
    %%prev%% Return to Thumbnails %%next%%
    %%pic-name%%
    '; $thm['nextbit'] = 'Next'; $thm['prevbit'] = 'Previous'; // !> } // !!> } elseif ($internal == THM_EXT) { // external themes // only this directory $tname = basename ($tname); // check if exists if (!file_exists ($tname)) { load_theme ('std'); $msgs[] = 'External theme not found.'; error (); } // load theme require $tname; if (!isset ($thm)) { load_theme ('std'); $msgs[] = 'Not a picy theme file.'; error (); } } } ?>