// /-------------------------------------------------\ // | ############################################### | // | # ------------------------------------------- # | // | # --- Picy - a simple PHP folder gallery ---- # | // | # ------------------------------------------- # | // | ############################################### | // | # http://picy.infinitesimal.org/ # | // | ############################################### | // | # © 2004 - Adrian Stutz # | // | # This script is licensed unter a # | // | # creative Commons License. # | // | # http://creativecommons.org/licenses ¬ # | // | # /by-nc-sa/2.0/de/ # | // | # adrian.stutz@gmail.com # | // | ############################################### | // | # Table of Contents: # | // | # 0. Settings (line 49) # | // | # 1. Init (line 114) # | // | # 2. Redirects (line 187) # | // | # 3. Misc Functions (line 217) # | // | # 4. Final Theme Function (line 262) # | // | # 5. Create Thumbnail Function (line 292) # | // | # 6. Is_pic Function (line 417) # | // | # 7. Get_files Function (line 436) # | // | # 8. Fill_info Function (line 470) # | // | # 9. Main (line 559) # | // | # 10. Compile Main Output (line 601) # | // | # 11. Image Viewer (line 726) # | // | # 12. Tunnel Picture Function (line 902) # | // | # 13. Warning For Ie Users (line 1023) # | // | # 14. Pictures Stored Interally (line 1041) # | // | # 15. Themes (line 1073) # | // | ############################################### | // \-------------------------------------------------/ // Pre-init defenitions define ('THM_INT',true,false); define ('THM_EXT',false,false); // Use following code to set the table picy_hp up: /* CREATE TABLE `picy` ( `ip` tinytext NOT NULL, `key` tinytext, `pic` tinytext, PRIMARY KEY (`ip`(11)) ); */ // --------------------------------------------------- // -- 0. SETTINGS ------------------------------------ // --------------------------------------------------- // 'image/jpeg','gif'=>'image/gif','png'=>'image/png'); // Secure passed pictures from hotlinking? (thumbnails and pics small than thumbnails will be excluded from this) // - Options: true or false $set['img_hotprot'] = false; // Hotlinking protection type // - Options: 'file', 'mysql' or 'session' $set['img_hp_type'] = 'session'; // ## View ########################################## // Display how many pictures per page? // - Options: Positive non-decimal number from 1 to uselessly large $set['pics_pp'] = 36; // Range for user selectable number of pics per page, set to 'array ($set['pics_pp'],$set['pics_pp']);' to disable. // - Options: Two positive non-decimal numbers from 1 to uselessly large. First number must be smaller as or equal to the second $set['pp_range'] = array ($set['pics_pp'],$set['pics_pp']); // Use internal picy viewer? If not, the picture will be shown normally (like entering it directly into the browser) // - Options: true or false $set['use_viewer'] = true; // Pad Strings to x chars where apropriate // - Options: Positive non-decimal number from 1 to uselessly large $set['padlen'] = 18; // Theme-override for IE users. // - Options: false to turn it off or a theme index number $set['iethm'] = false; // Theme type and name. You can specify more use them one subgalleries (.pcx, while x is the numerical index of the theme) // - Options: array (x,y) where x is either THM_INT for internal and THM_EXT for external themes and y the name for filename $set['themes'] = array (array (THM_INT,'std'),array (THM_INT,'html401')); // Standard theme to use // - Options: Array index of the theme, positive non-decimal number including 0 $set['cthm'] = 0; // Theme user selectable (using thm=x in the url) // - Options: true or false $set['user_thm'] = true; // Display all folders in the gallery regardless of their extension? // - Options: true or false $set['all_folders'] = false; // ## Thumbnails ########################################## // Create thumbnails? This will automatically try to create a thumbnail once a picture without one is found. // - Options: true or false $set['make_thmbs'] = true; // Thumbnail size. Aspect ratio will be retained, those are max values. // - Options: array (x,y) where x is thumbnail width and y height. $set['tmb_size'] = array (100,75); // What thumbnail creation method to use? If the array has more than one value, the latter one will be used if the first fails. // - Options: 'gd' for internal php library (JPEG and PNG support, only GIF read support for PHP < 5 [see $set['gif_convto'] option]).'magick' for ImageMagick. // Has to be installed and proper path provided ($set['magick_path']). [http://www.imagemagick.org/] $set['tmb_method'] = array ('magick','gd'); // Path to the ImageMagick executables. // - Options: String or empty string ('') if ImageMagick is installed global $set['magick_path'] = ''; // Normally, ImageMagick will create thumbnails in the same format as the original picture. If you want different formats for thumbnailsyou can specify them here. // e.g. array ('gif'=>'png','tiff'=>'jpg'); would create png thumbnails for gif and jpg for tiff images. // - Options: 'x'=>'y' where x is extension defined in $set['img_exts'] and y extension supported by ImageMagick $set['conv_types'] = array (); // If you're using a GD version without GIF write support, you can specify here, what format thumbnails should be created in for GIF images. // - Options: 'png' or 'jpeg'. $set['gif_convto'] = 'png'; // ## MySQL ########################################## // MySQL options used for mysql image hotlinking (has to be activated by $set['img_hotprot'] and $img_ht_type. $set['mq_server'] = 'localhost'; $set['mq_user'] = ''; $set['mq_password'] = ''; $set['mq_db'] = ''; // !!> // --------------------------------------------------- // -- 1. INIT ---------------------------------------- // --------------------------------------------------- $picy_version = 'v0.7'; $msgs = array (); $pics = array (); // type names $types = array (1 => 'GIF', 2 => 'JPG', 3 => 'PNG', 4 => 'SWF', 5 => 'PSD', 6 => 'BMP', 7 => 'TIFF (intel byte order)', 8 => 'TIFF (motorola byte order)', 9 => 'JPC', 10 => 'JP2', 11 => 'JPX', 12 => 'JB2', 13 => 'SWC', 14 => 'IFF', 15 => 'WBMP', 16 => 'XBM'); // load current folder $folder = dirname ($_SERVER['SCRIPT_FILENAME']).'/'; $picy_root = dirname ($_SERVER['SCRIPT_FILENAME']); // not root folder? if (isset ($_GET['f']) && trim ($_GET['f']) != '') { // compile new path $fpath = str_replace ('..','',$_GET['f']); // enforce trailing slash if (substr ($fpath,-1) != '/') $fpath .= '/'; $folder .= $fpath; } else { $fpath = ''; } // valid folder? if (!file_exists ($folder) || !is_dir ($folder)) { $msgs[] = 'No valid directory.'; error (); } // set theme if ($fpath != '' && preg_match ('/(\.pc)(\d{1,2})$/',basename ($fpath))) { $set['cthm'] = preg_replace ('/(.*)(\.pc)(\d{1,2})$/','\3',basename ($fpath)); if (!isset ($set['themes'][$set['cthm']])) { $set['cthm'] = 0; $msgs[] = 'Theme not found.'; } } // prepare pass vars $qps = array(); $passvars = array ('f','pp','offset','warnok'); foreach ($passvars as $pv) { if (isset ($_GET[$pv])) $qps[$pv] = $_GET[$pv]; } // pp in range? if (isset ($_GET['pp'])) { if ($_GET['pp'] < $set['pp_range'][0]) { $msgs[] = 'Pics per page value out of range (can be no less than '.$set['pp_range'][0].')'; $set['pics_pp'] = $set['pp_range'][0]; } elseif ($_GET['pp'] > $set['pp_range'][1]) { $msgs[] = 'Pics per page value out of range (can be no more than '.$set['pp_range'][1].')'; $set['pics_pp'] = $set['pp_range'][1]; } else { $set['pics_pp'] = (int)$_GET['pp']; } } // ie users if ($set['iethm'] !== false && !isset ($_GET['warnok']) && !isset ($_GET['dp']) && strpos ($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false && strpos ($_SERVER['HTTP_USER_AGENT'],'Opera') === false) { $set['cthm'] = $set['iethm']; } // select theme if ($set['user_thm'] && isset ($_GET['thm'])) { $set['cthm'] = (int)$_GET['thm']; if (!isset ($set['themes'][$set['cthm']])) { $set['cthm'] = 0; $msgs[] = 'Theme not found.'; } } // --------------------------------------------------- // -- 2. REDIRECTS ----------------------------------- // --------------------------------------------------- // redirect for picture output if (isset ($_GET['dp'])) { pass_pic ($_GET['dp']); exit; } // redirect for picture tunnel if (isset ($_GET['pic'])) { tunnel_pic ($_GET['pic']); exit; } // redirect for viewer if (isset ($_GET['view'])) { show_viewer ($_GET['view']); exit; } // --------------------------------------------------- // -- 3. MISC FUNCTIONS ------------------------------ // --------------------------------------------------- function pad_string ($str,$len=-1) { global $set; if ($len == -1) $len = $set['padlen']; if (strlen ($str) > $len) { $str = substr ($str,0,$len-3); $str .= '...'; } return $str; } function make_query ($args) { global $qps; $temp = array_merge ($qps,$args); $qstr = ''; foreach ($temp as $key => $var) { if ($var !== false) $qstr .= '&'.$key.'='.$var; } return $qstr; } function error () { print_main (); exit; } function picy_mysql_conn () { global $set,$msgs; $connection = mysql_connect($set['mq_server'],$set['mq_user'],$set['mq_password']); if (!$connection) { $msgs[] = 'MySQL connection failed for picy hotlink protection.'; error (); } $db = mysql_select_db($set['mq_db'],$connection); if (!$db) { $msgs[] = 'Couldn\'t select mysql DB for picy hotlink protection.'; error (); } } // --------------------------------------------------- // -- 4. FINAL THEME FUNCTION ------------------------ // --------------------------------------------------- function print_main ($mainbit='',$mainwidth=525) { global $thm, $msgs, $set; if (!isset ($thm['html'])) load_theme ($set['themes'][$set['cthm']][1],$set['themes'][$set['cthm']][0]); // header + errors if (count ($msgs) > 0) { $out_temp = array (); foreach ($msgs as $msg) { $out_temp[] = str_replace ('%%msg%%',$msg,$thm['msgs_bit']); } $msgbit = str_replace ('%%msgs%%',implode('',$out_temp),$thm['msgs']); } else { $msgbit = ''; } $mainbit = $msgbit.$mainbit; // final output $html = str_replace ('%%res-name%%',basename($folder),$thm['html']); $html = str_replace ('%%main-width%%',$mainwidth,$html); print str_replace ('%%picy-main%%',$mainbit,$html); } // --------------------------------------------------- // -- 5. CREATE THUMBNAIL FUNCTION ------------------- // --------------------------------------------------- function make_thmb ($pfn) { global $msgs,$set,$types; $success = false; foreach ($set['tmb_method'] as $tm) { if ($tm == 'gd') { $info = getimagesize ($pfn); // get image types supported $gd_info = gd_info (); $handlers = array (); if ($gd_info['GIF Read Support']) $handlers[1] = 'imagecreatefromgif'; if ($gd_info['JPG Support']) $handlers[2] = 'imagecreatefromjpeg'; if ($gd_info['PNG Support']) $handlers[3] = 'imagecreatefrompng'; $outh = array (1=>'imagegif',2=>'imagejpeg',3=>'imagepng'); if (!$gd_info['GIF Create Support']) { $outh[1] = 'image'.$set['gif_convto']; $msgs[] = 'GIF image thumbnails will be converted to '.$set['gif_convto'].'.'; } if (array_key_exists ($info[2],$handlers)) { // load image $func = $handlers[$info[2]]; $img = $func ($pfn); if ($img == '') { $msgs[] = "GD: Image '".basename($pfn)."' could not be opened."; continue; } // determin resize factor if ($info[0] > $info[1]) { $factor = $set['tmb_size'][0]/$info[0]; } else { $factor = $set['tmb_size'][1]/$info[1]; } if ($factor > 1) $factor = 1; // thumbnail sizes $width = $info[0] * $factor; $height = $info[1] * $factor; // resize image $tmb = imagecreatetruecolor ($width,$height); imagecopyresampled ($tmb,$img,0,0,0,0,$width,$height,$info[0],$info[1]); // new filename $afn = basename ($pfn); $type = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$afn); $fn = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$afn).'.tmb.'.$type; // write thumbnail $func = $outh[$info[2]]; @$func ($tmb,dirname($pfn).'/'.$fn); if (!file_exists (dirname($pfn).'/'.$fn)) { $msgs[] = "GD: Couldn't write thumbnail for '".$afn."'."; continue; } else { $msgs[] = "'".$afn."': Thumbnail created with GD."; $success = true; break; } } else { $msgs[] = "GD: Picture format '".$types[$info[2]]."' not supported for thumbnail creation."; continue; } } elseif ($tm == 'magick') { // compile new filename $afn = basename ($pfn); $type = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$afn); if (!isset ($set['conv_types'][$type])) $set['conv_types'][$type] = $type; $fn = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$afn).'.tmb.'.$set['conv_types'][$type]; // do not upsample $info = getimagesize ($pfn); // determin resize factor if ($info[0] > $info[1]) { $factor = $set['tmb_size'][0]/$info[0]; } else { $factor = $set['tmb_size'][1]/$info[1]; } if ($factor > 1) $factor = 1; // thumbnail sizes $width = $info[0] * $factor; $height = $info[1] * $factor; // compile command $command = $set['magick_path'].'convert -size '.$width.'x'.$height.' "'.$pfn.'" '; $command .= '-resize '.$width.'x'.$height.' +profile "*" '; $command .= '"'.dirname($pfn).'/'.$fn.'" 2>&1'; $error = shell_exec ($command); if (!file_exists (dirname($pfn).'/'.$fn)) { if ($error != '') { $msgs[] = "ImageMagick: Couldn't create thumbnail for ".$afn." (".$error.")"; continue; } else { $msgs[] = "ImageMagick: Couldn't create thumbnail for ".$afn." (unknown reason)."; continue; } } $msgs[] = "'".$afn."': Thumbnail created with ImageMagick."; $success = true; break; } else { $msgs[] = "'".$tm."': unkown method for thumbnail creation."; continue; } } return $success; } // --------------------------------------------------- // -- 6. IS_PIC FUNCTION ----------------------------- // --------------------------------------------------- function is_pic ($str,$no_folders=false,$thumbs=false) { global $set,$folder; if (in_array (preg_replace ('/(.*)(\.)([^.]+)$/','\3',strtolower($str)),$set['img_exts']) && strstr ($str,'.blk.') === false && ($thumbs || strstr ($str,'.tmb.') === false)) { return true; } elseif (is_dir ($folder.$str) && !$no_folders && (preg_match ('/(\.pc)(\d{1,2})$/',strtolower($str)) || $set['all_folders'])) { return true; } else { return false; } } // --------------------------------------------------- // -- 7. GET_FILES FUNCTION -------------------------- // --------------------------------------------------- function get_files ($path) { global $msgs; // Check if folder if (!is_dir ($path)) { $msgs[] = "'".basename($paht)."': Is not a folder."; return false; } // Try to open folder $dir = opendir ($path); if ($dir === false) { $msgs[] = "'".basename($paht)."': Could not be opened."; return false; } // Read files into array while (($cf = readdir ($dir)) !== false) { if ($cf != '..' && $cf != '.') { $files[] = $cf; } } @natcasesort ($files, 'DateCmp'); return $files ; } // --------------------------------------------------- // -- 8. FILL_INFO FUNCTION -------------------------- // --------------------------------------------------- function fill_info ($pic) { global $set, $folder, $fpath, $types; // Check if folder if (!is_dir ($folder.$pic)) { // compile basic info $info['ext'] = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic); $info['name'] = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$pic); // special link for viewer if ($set['use_viewer']) { $info['link'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('view'=>$pic)); } else { $info['link'] = $fpath.$pic; } // special path for passthru if ($set['img_passthru']) { $info['path'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$pic)); } else { $info['path'] = $fpath.$pic; } $info['path_int'] = $folder.$pic; // get additonal info $temp = getimagesize ($folder.$pic); $info['size'] = filesize($folder.$pic); $info['width'] = $temp[0]; $info['height'] = $temp[1]; $info['type'] = $types[$temp[2]]; // check for thumbnail / do we need a thumbnail anyway? if ($temp[0] < $set['tmb_size'][0] && $temp[1] < $set['tmb_size'][1]) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$pic; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$pic)); } } elseif (file_exists ($folder.$info['name'].'.tmb.'.$info['ext'])) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$info['name'].'.tmb.'.$info['ext']; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$info['name'].'.tmb.'.$info['ext'])); } } else { // create thumbnail if requested if ($set['make_thmbs']) { if (make_thmb ($info['path_int'])) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$info['name'].'.tmb.'.$info['ext']; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$info['name'].'.tmb.'.$info['ext'])); } } else { $info['thm'] = false; } } else { $info['thm'] = false; } } } else { // compile basic info $info['ext'] = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic); $info['name'] = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$pic); $info['link'] = $_SERVER['PHP_SELF'].'?'.make_query (array('f'=>$fpath.$pic,'offset'=>false)); $info['path_int'] = $folder.$pic; // get additonal info $info['type'] = 'Folder'; $info['thm'] = $_SERVER['PHP_SELF'].'?dp=folder'; } return $info; } // --------------------------------------------------- // -- 9. MAIN ---------------------------------------- // --------------------------------------------------- // generate hierarchy $hyr[] = array ('name'=>preg_replace ('/(.*)(\.)([^.]+)$/','\1',basename($picy_root)),'link'=>$_SERVER['PHP_SELF'].'?'.make_query(array('f'=>false,'offset'=>false))); $parts = explode ('/',$fpath); $temppath = ''; foreach ($parts as $part) { if ($part != '') { $temppath .= $part.'/'; $hyr[] = array ('name'=>preg_replace ('/(.*)(\.)([^.]+)$/','\1',$part),'link'=>($_SERVER['PHP_SELF'].'?'.make_query(array('f'=>$temppath,'offset'=>false)))); } } // open folder $files = get_files ($folder); // Offset if (!isset ($_GET['offset'])) { $off = 0; } else { $off = (int)$_GET['offset']; } $pics = array (); // filter pictures $picfiles = array_filter ($files,'is_pic'); $picfiles = array_values ($picfiles); // total pictures $pn = count ($picfiles); // search for pictures / fill with info for ($i=$off;$i 0) { $info_tags = array ('%%pic-link%%','%%pic-path%%','%%pic-name%%','%%pic-size%%', '%%tbl-width%%','%%img-type%%','%%tmb-width%%','%%tmb-height%%', '%%pic-width%%','%%pic-height%%'); $tdbits = array (); $rowbits = array (); $pagebit = ''; $tablebit = ''; $hyrbit = ''; for ($i=0;$i $lp) { return $lp; } else { return $int; } } // generate page links $page_tags = array ('%%first-page%%','%%last-page%%','%%prev-page%%','%%next-page%%'); $page_bitags = array ('%%page-n-link%%','%%page-n-num%%'); $tags_data = array ($_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>'0')), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>$lp)), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>obey_limits($_GET['offset']-$set['pics_pp']))), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>obey_limits($_GET['offset']+$set['pics_pp'])))); // output $pbits = array (); for ($i=1;$i<=ceil($pn/$set['pics_pp']);$i++) { $bittags_data = array ($_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>(($i-1)*$set['pics_pp']))),$i); $pbits[] = str_replace ($page_bitags,$bittags_data,$thm['pgs_bit']); } $pagebit = str_replace ($page_tags,$tags_data,$thm['pgs']); $pagebit = str_replace ('%%pages%%',implode('',$pbits),$pagebit); } // compile folder hierarchy for ($i=0;$i$fpath))); // generate key for hotlink protection if ($set['img_hotprot']) { if ($set['img_hp_type'] == 'file') { // generate key $key = substr (md5 (uniqid (rand())),0,10); // check for file if (file_exists ($folder.'picy_key_'.$key.'.pkf')) { $msgs[] = 'Key collision error.'; error (); } // write key $keyfile = fopen ($folder.'picy_key_'.$key.'.pkf','w'); if ($keyfile === false) { $msgs[] = 'Cannot open dir for writing.'; error (); } $status = fwrite ($keyfile,time()); if ($status === false) { $msgs[] = 'Cannot write file.'; error (); } fclose ($keyfile); // pass key $tags_data[0] = $curr['path'].'&key='.$key; } elseif ($set['img_hp_type'] == 'mysql') { // connect picy_mysql_conn (); // generate key $key = substr (md5 (uniqid (rand())),0,10); // add to database $sql = "REPLACE INTO picy (`ip`,`pic`,`key`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".addslashes($pic)."','".$key."')"; $err = mysql_query ($sql); if (!$err) { $msgs[] = 'A MySQL error occured.'; } // pass key $tags_data[0] = $curr['path'].'&key='.$key; } elseif ($set['img_hp_type'] == 'session') { // start session session_start (); // save into session $_SESSION['hp']['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['hp']['pic'] = $pic; } else { $msgs[] = 'Unkown hotlink protection type.'; error (); } } // main width if ($curr['width']+26 > 525) { $width = $curr['width']+26; } else { $width = 525; } $picbit = str_replace ($info_tags,$tags_data,$thm['viewer']); $picbit = str_replace ('%%prev%%',$prevbit,$picbit); $picbit = str_replace ('%%next%%',$nextbit,$picbit); print_main ($picbit,$width); } // --------------------------------------------------- // -- 12. TUNNEL PICTURE FUNCTION -------------------- // --------------------------------------------------- function tunnel_pic ($pic) { global $folder, $fpath, $set, $msgs; // valid picture? if (!is_pic (basename($pic),true,true)) { $msgs[] = 'No valid picture.'; error (); } // get folder contents $files = get_files ($folder); // only valid pictures // make is_pic function with no folders for callback function is_pic_nf (&$str) { return is_pic ($str,true,true); } // remove non-pic files and folders $files = array_filter ($files,'is_pic_nf'); // reindex array $files = array_values ($files); // look for picture if (($pos = array_search ($pic,$files)) === false) { $msgs[] = 'Picture not found.'; error (); } // get dimensions $temp = getimagesize ($folder.$pic); // hotlink protection if ($set['img_hotprot'] && strstr ($pic,'.tmb.') === false && ($temp[0] > $set['tmb_size'][0] && $temp[1] > $set['tmb_size'][1])) { // no dir up-s $_GET['key'] = str_replace ('..','',$_GET['key']); if ($set['img_hp_type'] == 'file') { if (trim ($_GET['key']) == '' || !file_exists ($folder.'picy_key_'.$_GET['key'].'.pkf')) { $msgs[] = 'You don\'t have permission to access this file.'; error (); } else { unlink ($folder.'picy_key_'.$_GET['key'].'.pkf'); } } elseif ($set['img_hp_type'] == 'mysql') { // open connection picy_mysql_conn (); // look for key $sql = "SELECT * FROM picy WHERE ip = '".$_SERVER['REMOTE_ADDR']."' AND pic = '".addslashes($pic)."'"; $res = mysql_query ($sql); if (!$res) { $msgs[] = 'A MySQL error occured.'; error (); } if (!mysql_num_rows ($res) == 0) { if (mysql_result ($res,0,'key') != $_GET['key']) { $msgs[] = 'You don\'t have permission to access this file.'; error (); } } else { $msgs[] = 'You don\'t have permission to access this file.'; error (); } // remove key $sql = "DELETE * FROM picy WHERE ip = '".$_SERVER['REMOTE_ADDR']."'"; mysql_query ($sql); } elseif ($set['img_hp_type'] == 'session') { // start session session_start (); if (!isset ($_SESSION['hp']) || $_SESSION['hp']['ip'] != $_SERVER['REMOTE_ADDR'] || $_SESSION['hp']['pic'] != $pic) { unset ($_SESSION['hp']); $msgs[] = 'You don\'t have permission to access this file.'; error (); } unset ($_SESSION['hp']); } else { $msgs[] = 'Unkown hotlink protection type.'; error (); } } // get file extension $ext = strtolower (preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic)); if (!isset ($set['mime_types'][$ext])) { $msgs[] = 'No suiteable MIME type found.'; error (); } // tunnel picture $file = fopen ($folder.$pic,'rb'); if ($file === false) { $msgs[] = 'Picture couldn\'t be opened.'; error (); } header ('Content-type: '.$set['mime_types'][$ext]); fpassthru ($file); fclose ($file); } // --------------------------------------------------- // -- 14. PICTURES STORED INTERALLY ------------------ // --------------------------------------------------- function pass_pic ($p) { // } elseif ($p == 'file') { // } elseif ($p == 'icon') { // } elseif ($p == 'logo') { // } elseif ($p == 'almost-html401') { // } // !!> } // --------------------------------------------------- // -- 15. THEMES ------------------------------------- // --------------------------------------------------- function load_theme ($tname,$internal=THM_INT) { global $msgs, $thm, $picy_version; if ($internal == THM_INT) { // Cats!
%%picy-main%%
ford thunderbird 1978 ford thunderbird 1978- gone sarah jean shelton sarah jean shelton- art carlsbad white pages carlsbad white pages- add dialing rules for england dialing rules for england- boat michael goski michael goski- were angela dills angela dills- feed cook a papaya cook a papaya- love dance shoes louisville dance shoes louisville- stood health resources knoxville health resources knoxville- eat brook international puzzles brook international puzzles- have hillsboro marine hillsboro marine- be robin hood actors robin hood actors- surface cip development san diego cip development san diego- solution hamilton schools mays landing hamilton schools mays landing- while meaning of picayune meaning of picayune- turn royal doulton frame royal doulton frame- learn gas valve 110 gas valve 110- arm chesapeake novelty ralph lauren chesapeake novelty ralph lauren- indicate childbirth east indian rituals childbirth east indian rituals- thing used fur boston ma used fur boston ma- made harry potter s owl harry potter s owl- engine metal oxide pigments hazard metal oxide pigments hazard- indicate escort diff oil capacity escort diff oil capacity- live michael vesser michael vesser- proper almond lane almond lane- seat monitor technitian omaha ne monitor technitian omaha ne- bird park inn rauland park inn rauland- mouth veseley morgan adoption veseley morgan adoption- element manassas va hospital manassas va hospital- map maryland 4 h camp maryland 4 h camp- particular gdt telephone protection gdt telephone protection- print bigraphy otis barton bigraphy otis barton- organ chambersburg phone numbers chambersburg phone numbers- spell carpenter bee carpenter bee- summer alessio di paola alessio di paola- wall orlando places to eat orlando places to eat- wrote elderly day care eldersburg elderly day care eldersburg- success kevin mcneely kevin mcneely- notice 13 colonies brochure 13 colonies brochure- fat vida guerra magazine photos vida guerra magazine photos- cloud ef johnson 5100 series ef johnson 5100 series- probable riley hospital autism center riley hospital autism center- nation barry dillon barry dillon- room robin gibb wedding day robin gibb wedding day- ago the manor everett wa the manor everett wa- yet la bella homes la bella homes- fast living in merida mexico living in merida mexico- base appliance ascot gas repair appliance ascot gas repair- grand rosa parks cartoons rosa parks cartoons- can florida baptist childrens homes florida baptist childrens homes- boat sun intensity map sun intensity map- south oxbow napa oxbow napa- sure gsp totowa nj gsp totowa nj- bat sofies verden sofies verden- both ford truck brake problems ford truck brake problems- other realtor chiefland florida realtor chiefland florida- vary raleigh metal recycling raleigh metal recycling- die altgeld street chicago il altgeld street chicago il- post disney world gay pride disney world gay pride- hair siam sunset cia siam sunset cia- cloud california agriculture cirriculum california agriculture cirriculum- after davison lawsuit davison lawsuit- atom carte church furniture hattiesburg carte church furniture hattiesburg- brother olive bread dipping olive bread dipping- melody oh girl song chase oh girl song chase- those richmar home page richmar home page- through towns near lake baikal towns near lake baikal- did anniston alabama boat repair anniston alabama boat repair- continent florida fort santa maria florida fort santa maria- probable derek patton derek patton- north christian counselors cleveland ohio christian counselors cleveland ohio- which bottle collecters in canada bottle collecters in canada- stay alaska pioneer oil company alaska pioneer oil company- meat mars electric westlake ohio mars electric westlake ohio- grass dell 1704fpt resolution dell 1704fpt resolution- field trucking school bunnell florida trucking school bunnell florida- cost marjorie reed gordon donor marjorie reed gordon donor- ran countrywide home loans history countrywide home loans history- fill eatons ranch wyoming eatons ranch wyoming- such hamlet one page summary hamlet one page summary- year stone keep castle stone keep castle- hope tire size speed conversion tire size speed conversion- key atlantic highlands nj fishing atlantic highlands nj fishing- string ar15 surplus magazines ar15 surplus magazines- five english to spanish ictionary english to spanish ictionary- draw communications canada isc communications canada isc- she hartland statue hartland statue- week lever corkscrew granite lever corkscrew granite- shore dorothy king kong dorothy king kong- six dunlap west dunlap west- start homedic bath tub jacuzi homedic bath tub jacuzi- she christopher hokanson christopher hokanson- meet entertainment alan davis mississippi entertainment alan davis mississippi- oxygen gary null and hives gary null and hives- from greek origin of venus greek origin of venus- block fine thug niggas fine thug niggas- measure sea turtle florida sea turtle florida- shoe robert parnell robert parnell- box redmond oregon crimes redmond oregon crimes- by hyundai leases canada hyundai leases canada- sing john stuart explorer john stuart explorer- plan central line osmolarity max central line osmolarity max- city wilson lizard wilson lizard- band hunt enterprise hunt enterprise- still roberts portable buildings roberts portable buildings- hunt nephrology jobs new york nephrology jobs new york- south cliffside park in racine cliffside park in racine- six start no kill shelter start no kill shelter- clean clermont business directory qld clermont business directory qld- need imax washington imax washington- coast south anna river south anna river- sudden nathan farrar sc nathan farrar sc- summer kimberly t joyce kimberly t joyce- soldier costal carolina university costal carolina university- temperature benton city water benton city water- world motels mcpherson kansas motels mcpherson kansas- get angela damon angela damon- lift ramsey clan ramsey clan- thing ford motorhome chassiss ford motorhome chassiss- sheet smithers british columbia smithers british columbia- exercise bingo middlesboro kentucky bingo middlesboro kentucky- tiny virginia avanesyan virginia avanesyan- log eugene mcgovern said eugene mcgovern said- six sims on usb port sims on usb port- play pedalos john howard pedalos john howard- populate schrott alexis rotraut schrott alexis rotraut- reply classroom valentine cards classroom valentine cards- am skydive interlaken skydive interlaken- electric everest steam mop everest steam mop- of fattening up gay guys fattening up gay guys- spoke tijeras arroyo golf course tijeras arroyo golf course- equate gilberts furniture gilberts furniture- clean charlotte bike lanes charlotte bike lanes- hot cruise headquarters salem oregon cruise headquarters salem oregon- yard hot wheels treasure hunt hot wheels treasure hunt- smell us patent attorney phoenix us patent attorney phoenix- indicate kendra scott designs kendra scott designs- event vulcan riders association australia vulcan riders association australia- touch cash prices wallstreet corn cash prices wallstreet corn- perhaps model zoning legislation model zoning legislation- before sanford guides sanford guides- feed diamond tool mfrs diamond tool mfrs- wrote hot mineral springs fl hot mineral springs fl- major jackson acura roswell ga jackson acura roswell ga- port rat chase computer cd rat chase computer cd- simple toronto exhibition center map toronto exhibition center map- page broadway led image broadway led image- desert dot matthews dot matthews- person argos exercise bikes argos exercise bikes- beauty deleware golf courses deleware golf courses- left whitetail deer desktop themes whitetail deer desktop themes- job holston hills counrty club holston hills counrty club- mean assembly christian eagle rock assembly christian eagle rock- bank light weight extension cords light weight extension cords- fun nell fenwick jessica nell fenwick jessica- hand newburyport massachussetts newburyport massachussetts- man fishing colorado river texas fishing colorado river texas- school garden village hull garden village hull- own quote by ambrose burnside quote by ambrose burnside- motion waterfront vacation homes vermont waterfront vacation homes vermont- stick krav maga corona krav maga corona- ten cedar park architectural engineering cedar park architectural engineering- left vermont castings grill cleaning vermont castings grill cleaning- join neighborhood gas vehicles neighborhood gas vehicles- crowd remax brooklin remax brooklin- their kathleen youngman kathleen youngman- engine north conway water park north conway water park- burn the swapper magazine the swapper magazine- cost arlington ie arlington ie- green omega metal treating incorporated omega metal treating incorporated- cross eastern natioal eastern natioal- point kim porter child support kim porter child support- rope st armand s sarasota restaurants st armand s sarasota restaurants- party brown deer herald wi brown deer herald wi- high lotus dubois lotus dubois- yard effingers bound brook effingers bound brook- pair white bear lake resort white bear lake resort- sharp white velvet gowns white velvet gowns- reach univision en canada univision en canada- which delphi superpage delphi superpage- eat tommie hilton tommie hilton- great a105 s2141 power cord a105 s2141 power cord- four virginia tech bathroom accessories virginia tech bathroom accessories- meet naperville north younglife naperville north younglife- he of stone countertops of stone countertops- seat canadian goose subspecies canadian goose subspecies- her kim kardashian s playboy pictures kim kardashian s playboy pictures- than river cside social club river cside social club- band simpsons desktop images simpsons desktop images- tiny jersey jim fire tower jersey jim fire tower- born lucas rehoboth reformed lucas rehoboth reformed- lead round thin magnets round thin magnets- power news laramie wyoming news laramie wyoming- now ford of bellevue ford of bellevue- cell zeon blue headlights zeon blue headlights- able roberta herman humphrey roberta herman humphrey- separate paul r fulton paul r fulton- fruit lewis truck lines lewis truck lines- press nanuet new york county nanuet new york county- decimal lewis bowl lewis bowl- collect deerfield windsor albany ga deerfield windsor albany ga- strange scro s roofing raleigh scro s roofing raleigh- excite marcos fire island pines marcos fire island pines- favor califronia standards for teachers califronia standards for teachers- column gloucester massachusetts used clothes gloucester massachusetts used clothes- this kpfk al young poet kpfk al young poet- shine joseph s johnston parkersburg joseph s johnston parkersburg- plane campgrounds in clayton ny campgrounds in clayton ny- idea orion dreamer native poem orion dreamer native poem- plain r lee corbet r lee corbet- best cornwall ontario woman sex cornwall ontario woman sex- sing tricia moore tricia moore- speak raymond l murray biography raymond l murray biography- every lone oak band lone oak band- hard aclu wilson county tennessee aclu wilson county tennessee- sight murray pearlman attorney murray pearlman attorney- water bev leigh iii wachovia bev leigh iii wachovia- certain bloomsbury auction london uk bloomsbury auction london uk- wing spirit california pottery spirit california pottery- division brazil fan boobas brazil fan boobas- form michelle smith seattle michelle smith seattle- power arizona black bear surveys arizona black bear surveys- death norvasc beta blocker norvasc beta blocker- law sheerweave solar shades washington sheerweave solar shades washington- require attorneys in victorville california attorneys in victorville california- round georgetown address plaque georgetown address plaque- other cd rates chicago cd rates chicago- hear mi dulce doncella lyrics mi dulce doncella lyrics- fly rico act criticisms rico act criticisms- and jelco johnson amd johnson jelco johnson amd johnson- father chef s table bradenton chef s table bradenton- caught wild turkey egg fertilization wild turkey egg fertilization- shell allegro romano san francisco allegro romano san francisco- late printer stands oak printer stands oak- once uhaul madison wisconsin uhaul madison wisconsin- winter dharma center nc dharma center nc- pattern violet goar violet goar- must pataskala presbyterian church ohio pataskala presbyterian church ohio- meant michael gorbitz michael gorbitz- share nude griffins nude griffins- sugar continent page wund com continent page wund com- chair redbird tony southwest artist redbird tony southwest artist- reply sell washington nationals tickets sell washington nationals tickets- weight tatiana butler wrestling tatiana butler wrestling- sense county auditor lorain ohio county auditor lorain ohio- eight greenville tn escorts greenville tn escorts- pull erin express 07 erin express 07- measure rio physical therapy portland rio physical therapy portland- wide k g mens store houston k g mens store houston- mind riverside trailers riverside trailers- wrong dannebrog dannebrog- strong california inn laurel maryland california inn laurel maryland- with valparaiso martial arts valparaiso martial arts- sleep downloadble south park episides downloadble south park episides- does wendy hill park wendy hill park- page hannaford riverside portland maine hannaford riverside portland maine- station arizona cordoroy jean jacket arizona cordoroy jean jacket- spoke bridgeport boss 6 bridgeport boss 6- said barcelona how many fans barcelona how many fans- toward florida wild fire map florida wild fire map- tube tsar russia language tsar russia language- interest sex for cash gym sex for cash gym- stream river cess liberia river cess liberia- will virginia beach beach houses virginia beach beach houses- board power walking shoes power walking shoes- is toronto condo dog friendly toronto condo dog friendly- while toungue and groove walls toungue and groove walls- trade glass shade shell fitter glass shade shell fitter- hit cigar lables in miami cigar lables in miami- climb du bois watches du bois watches- light sanderling corolla nc sanderling corolla nc- bit lodging in beverly ma lodging in beverly ma- bell ron ely author ron ely author- thought country singer north vancouver country singer north vancouver- cent gm ford job loss gm ford job loss- listen wegscheid enterprises wegscheid enterprises- free cincinnati resume technical communicator cincinnati resume technical communicator- magnet handle bouncy balls handle bouncy balls- come dorian griffin dorian griffin- serve hazards static electricity hazards static electricity- enough arlington electrical parts arlington electrical parts- roll citizen model ay5 citizen model ay5- column rebecca richards dvd rebecca richards dvd- like kentucky rv accident kentucky rv accident- ever tennessee power plants tennessee power plants- sugar bay breeze sanford nc bay breeze sanford nc- idea rick springfield concertr rick springfield concertr- among magnum cash advance nc magnum cash advance nc- write janet tom hill washington janet tom hill washington- your rancho santa fe photos rancho santa fe photos- paper day of rejoicing hanukkah day of rejoicing hanukkah- rich kim simith kim simith- state basketball goals dallas basketball goals dallas- hard queen s robe butterfly bush queen s robe butterfly bush- position election results oakland school election results oakland school- consider sackets harbor ny bbq sackets harbor ny bbq- many westlake center daly city westlake center daly city- care deal with whining puppies deal with whining puppies- four minneapolis suburb bloomington minneapolis suburb bloomington- read adrian peterson free wallpapers adrian peterson free wallpapers- success jim sinclair derivatives haywire jim sinclair derivatives haywire- people ford ranger 2009 ford ranger 2009- spoke sommerset red maple sommerset red maple- slip motel moses lake wa motel moses lake wa- probable pinelands insurance company pinelands insurance company- enter gas stoves direct vent gas stoves direct vent- bread amsterdam rstaurant ajax floodlights amsterdam rstaurant ajax floodlights- course angie savage movie list angie savage movie list- I water retrictions howard county water retrictions howard county- they edward sarnecky edward sarnecky- whose winnebago county jail records winnebago county jail records- long automobiles electrical power automobiles electrical power- cow comfort aire furnaces comfort aire furnaces- event super duck excursions charlestown super duck excursions charlestown- note sandy domingo florida radio sandy domingo florida radio- capital ford clutch fan ford clutch fan- most dubloons beaches in florida dubloons beaches in florida- join rodney logan rodney logan- depend tree climbing goats morocco tree climbing goats morocco- type chester river medical center chester river medical center- open movie theatres in tucson movie theatres in tucson- connect breed s hardware austin breed s hardware austin- matter sexual massage harrisburg sexual massage harrisburg- still virginia creeper bicycle trail virginia creeper bicycle trail- valley 98 5 mike fm boston 98 5 mike fm boston- see warren drummond new york warren drummond new york- stand margaret river bead company margaret river bead company- moment rescue me marathon rescue me marathon- one goodnite inn cypress ca goodnite inn cypress ca- pound california floods 2008 california floods 2008- brought flora goddess of flowers flora goddess of flowers- than parakeet adoption venice california parakeet adoption venice california- skill sims 2 graveyard sims 2 graveyard- mass washington rock quarry washington rock quarry- walk pennwest homes pa pennwest homes pa- sell dominic lo galbo dominic lo galbo- sun onartio deaf camp onartio deaf camp- fruit potter roger dean potter roger dean- original sapphire engagement tings sapphire engagement tings- weather roland sound modules japan roland sound modules japan- open antique oak restoration tips antique oak restoration tips- their cooke denison cooke denison- bought ceative audigy audio drivers ceative audigy audio drivers- mine black history lesion black history lesion- continue climate of north dakota climate of north dakota- swim green valley monk green valley monk- she florists marble falls texas florists marble falls texas- invent mr brooks picture mr brooks picture- result inside stories iii inside stories iii- repeat delran shooting club delran shooting club- sent sutter butte state park sutter butte state park- strange thomas clamp endotracheal thomas clamp endotracheal- suffix tilknytning til levering av tilknytning til levering av- paragraph ophra s reading list ophra s reading list- past manitou front forks manitou front forks- cool langley laporte langley laporte- shop lynne cheney born lynne cheney born- cause hershey mill 55 hershey mill 55- try tax assessments in florida tax assessments in florida- front san pedro torrent san pedro torrent- exact hotel monacco denver hotel monacco denver- shoulder emma powell emma powell- fly mulligans hollow skatepark michigan mulligans hollow skatepark michigan- sudden cmt little beauties cmt little beauties- tool sun canyon inn az sun canyon inn az- new villa bel air villa bel air- save lordi hard rock lyrics lordi hard rock lyrics- fresh vacations in galapagos islands vacations in galapagos islands- I carlton nelson farmer carlton nelson farmer- bat taylor fladgate wine taylor fladgate wine- were barnes delta beckwith knox barnes delta beckwith knox- were the sims songs the sims songs- deal envirian of bucks county envirian of bucks county- while rick mccomb realtor rick mccomb realtor- miss the green mountain state the green mountain state- salt ford ranger supercab 2wd ford ranger supercab 2wd- famous apartment rental scottsdale arizona apartment rental scottsdale arizona- experience decorative western tool box decorative western tool box- than 2004 triumph daytona windscreen 2004 triumph daytona windscreen- knew kaiser permanente small business kaiser permanente small business- cow lesbian fucked by guy lesbian fucked by guy- edge hotel valadier rome hotel valadier rome- hold little lakes valley backpack little lakes valley backpack- farm luxury appartment rome luxury appartment rome- finish boulder symposium 2008 boulder symposium 2008- note pharmacy in tijuana mexico pharmacy in tijuana mexico- short koa campgrounds st petersburg koa campgrounds st petersburg- face shiloh reading shiloh reading- shine dr pruitt dallas tx dr pruitt dallas tx- level superior park homes superior park homes- flow japanese honor symbol japanese honor symbol- under gay hookups reno gay hookups reno- grass ocala civic center ocala civic center- notice life of dave sargent life of dave sargent- log bolton anthony second journey bolton anthony second journey- to ron kerr campbell river ron kerr campbell river- among albert einstein personal biography albert einstein personal biography- glad pacific optical of bainbridge pacific optical of bainbridge- woman use me amy lee use me amy lee- process hummer in greenwood indiana hummer in greenwood indiana- would cinnamon grows california florida cinnamon grows california florida- thing wood birthday bethesda potomac wood birthday bethesda potomac- wheel beacon place zanesville ohio beacon place zanesville ohio- gentle interlocking stone interlocking stone- crop mobile fidelity speakers mobile fidelity speakers- stretch davids medienkritik july davids medienkritik july- world nancy odom quilting patterns nancy odom quilting patterns- lie brookside appartments newberry fl brookside appartments newberry fl- both dance beverly pohl dance beverly pohl- that peolosi hypocrisy saving money peolosi hypocrisy saving money- third homestead laws for texas homestead laws for texas- gentle crystal florida escort crystal florida escort- then ford mustang performance chips ford mustang performance chips- populate energy wise roof calculator energy wise roof calculator- mix waterproof shower liner waterproof shower liner- ship duane wade layouts duane wade layouts- material high speed internet 46544 high speed internet 46544- dream joel bryant san diego joel bryant san diego- smell 1984 cavalier repair manual 1984 cavalier repair manual- came tyra banks sex tapes tyra banks sex tapes- twenty black sheep wools black sheep wools- circle solar energy jokes solar energy jokes- support american figure drawing magazine american figure drawing magazine- by indianapolis central library indianapolis central library- spell jobs springhill florida jobs springhill florida- talk australian waites bandwagon australian waites bandwagon- turn mission of noaa mission of noaa- boat aurora metra aurora metra- mount david hamilton koch david hamilton koch- cotton shreveport construction jobs shreveport construction jobs- solution marlin foxworth marlin foxworth- buy round mound ass round mound ass- own sophia oasis sophia oasis- big victoria hoare victoria hoare- wide chucalissa indian memphis chucalissa indian memphis- also new york noose ban new york noose ban- far kelsey deer park kelsey deer park- brown barry cable snr barry cable snr- strange model physique gallery model physique gallery- exact
'; // Error Bit $thm['msgs'] = '

Messages:

%%msgs%%
'."\n"; $thm['msgs_bit'] = '
  • %%msg%%
    • '."\n"; // Picture Bit $thm['ind'] = ' %%rows%%
    '."\n"; $thm['ind_nopics'] = '

    No pictures found.
    '; $thm['ind_row_odd'] = ' %%tds%% '."\n"; $thm['ind_row_even'] = ' %%tds%% '."\n"; $thm['ind_pbit'] = '%%thumbn%% %%info%%'; $thm['ind_folderinfo'] = 'Folder'; $thm['ind_tmbbit'] = ' %%pic-name%%
    '; $thm['ind_notmbbit'] = ' No Thumbnail
    '; // pages bit $thm['pgs'] = '
    | Previous | %%pages%% Next |
    '."\n"; $thm['pgs_bit'] = '%%page-n-num%% | '; // hierachy bit $thm['hyrbit'] = '⁄ %%f-name%% '; // viewer bit $thm['viewer'] = '
    %%prev%% Return to Thumbnails %%next%%
    %%pic-name%%
    '; $thm['nextbit'] = 'Next'; $thm['prevbit'] = 'Previous'; // !> } // !!> } elseif ($internal == THM_EXT) { // external themes // only this directory $tname = basename ($tname); // check if exists if (!file_exists ($tname)) { load_theme ('std'); $msgs[] = 'External theme not found.'; error (); } // load theme require $tname; if (!isset ($thm)) { load_theme ('std'); $msgs[] = 'Not a picy theme file.'; error (); } } } ?>