// /-------------------------------------------------\ // | ############################################### | // | # ------------------------------------------- # | // | # --- Picy - a simple PHP folder gallery ---- # | // | # ------------------------------------------- # | // | ############################################### | // | # http://picy.infinitesimal.org/ # | // | ############################################### | // | # © 2004 - Adrian Stutz # | // | # This script is licensed unter a # | // | # creative Commons License. # | // | # http://creativecommons.org/licenses ¬ # | // | # /by-nc-sa/2.0/de/ # | // | # adrian.stutz@gmail.com # | // | ############################################### | // | # Table of Contents: # | // | # 0. Settings (line 49) # | // | # 1. Init (line 114) # | // | # 2. Redirects (line 187) # | // | # 3. Misc Functions (line 217) # | // | # 4. Final Theme Function (line 262) # | // | # 5. Create Thumbnail Function (line 292) # | // | # 6. Is_pic Function (line 417) # | // | # 7. Get_files Function (line 436) # | // | # 8. Fill_info Function (line 470) # | // | # 9. Main (line 559) # | // | # 10. Compile Main Output (line 601) # | // | # 11. Image Viewer (line 726) # | // | # 12. Tunnel Picture Function (line 902) # | // | # 13. Warning For Ie Users (line 1023) # | // | # 14. Pictures Stored Interally (line 1041) # | // | # 15. Themes (line 1073) # | // | ############################################### | // \-------------------------------------------------/ // Pre-init defenitions define ('THM_INT',true,false); define ('THM_EXT',false,false); // Use following code to set the table picy_hp up: /* CREATE TABLE `picy` ( `ip` tinytext NOT NULL, `key` tinytext, `pic` tinytext, PRIMARY KEY (`ip`(11)) ); */ // --------------------------------------------------- // -- 0. SETTINGS ------------------------------------ // --------------------------------------------------- // 'image/jpeg','gif'=>'image/gif','png'=>'image/png'); // Secure passed pictures from hotlinking? (thumbnails and pics small than thumbnails will be excluded from this) // - Options: true or false $set['img_hotprot'] = false; // Hotlinking protection type // - Options: 'file', 'mysql' or 'session' $set['img_hp_type'] = 'session'; // ## View ########################################## // Display how many pictures per page? // - Options: Positive non-decimal number from 1 to uselessly large $set['pics_pp'] = 36; // Range for user selectable number of pics per page, set to 'array ($set['pics_pp'],$set['pics_pp']);' to disable. // - Options: Two positive non-decimal numbers from 1 to uselessly large. First number must be smaller as or equal to the second $set['pp_range'] = array ($set['pics_pp'],$set['pics_pp']); // Use internal picy viewer? If not, the picture will be shown normally (like entering it directly into the browser) // - Options: true or false $set['use_viewer'] = true; // Pad Strings to x chars where apropriate // - Options: Positive non-decimal number from 1 to uselessly large $set['padlen'] = 18; // Theme-override for IE users. // - Options: false to turn it off or a theme index number $set['iethm'] = false; // Theme type and name. You can specify more use them one subgalleries (.pcx, while x is the numerical index of the theme) // - Options: array (x,y) where x is either THM_INT for internal and THM_EXT for external themes and y the name for filename $set['themes'] = array (array (THM_INT,'std'),array (THM_INT,'html401')); // Standard theme to use // - Options: Array index of the theme, positive non-decimal number including 0 $set['cthm'] = 0; // Theme user selectable (using thm=x in the url) // - Options: true or false $set['user_thm'] = true; // Display all folders in the gallery regardless of their extension? // - Options: true or false $set['all_folders'] = false; // ## Thumbnails ########################################## // Create thumbnails? This will automatically try to create a thumbnail once a picture without one is found. // - Options: true or false $set['make_thmbs'] = true; // Thumbnail size. Aspect ratio will be retained, those are max values. // - Options: array (x,y) where x is thumbnail width and y height. $set['tmb_size'] = array (100,75); // What thumbnail creation method to use? If the array has more than one value, the latter one will be used if the first fails. // - Options: 'gd' for internal php library (JPEG and PNG support, only GIF read support for PHP < 5 [see $set['gif_convto'] option]).'magick' for ImageMagick. // Has to be installed and proper path provided ($set['magick_path']). [http://www.imagemagick.org/] $set['tmb_method'] = array ('magick','gd'); // Path to the ImageMagick executables. // - Options: String or empty string ('') if ImageMagick is installed global $set['magick_path'] = ''; // Normally, ImageMagick will create thumbnails in the same format as the original picture. If you want different formats for thumbnailsyou can specify them here. // e.g. array ('gif'=>'png','tiff'=>'jpg'); would create png thumbnails for gif and jpg for tiff images. // - Options: 'x'=>'y' where x is extension defined in $set['img_exts'] and y extension supported by ImageMagick $set['conv_types'] = array (); // If you're using a GD version without GIF write support, you can specify here, what format thumbnails should be created in for GIF images. // - Options: 'png' or 'jpeg'. $set['gif_convto'] = 'png'; // ## MySQL ########################################## // MySQL options used for mysql image hotlinking (has to be activated by $set['img_hotprot'] and $img_ht_type. $set['mq_server'] = 'localhost'; $set['mq_user'] = ''; $set['mq_password'] = ''; $set['mq_db'] = ''; // !!> // --------------------------------------------------- // -- 1. INIT ---------------------------------------- // --------------------------------------------------- $picy_version = 'v0.7'; $msgs = array (); $pics = array (); // type names $types = array (1 => 'GIF', 2 => 'JPG', 3 => 'PNG', 4 => 'SWF', 5 => 'PSD', 6 => 'BMP', 7 => 'TIFF (intel byte order)', 8 => 'TIFF (motorola byte order)', 9 => 'JPC', 10 => 'JP2', 11 => 'JPX', 12 => 'JB2', 13 => 'SWC', 14 => 'IFF', 15 => 'WBMP', 16 => 'XBM'); // load current folder $folder = dirname ($_SERVER['SCRIPT_FILENAME']).'/'; $picy_root = dirname ($_SERVER['SCRIPT_FILENAME']); // not root folder? if (isset ($_GET['f']) && trim ($_GET['f']) != '') { // compile new path $fpath = str_replace ('..','',$_GET['f']); // enforce trailing slash if (substr ($fpath,-1) != '/') $fpath .= '/'; $folder .= $fpath; } else { $fpath = ''; } // valid folder? if (!file_exists ($folder) || !is_dir ($folder)) { $msgs[] = 'No valid directory.'; error (); } // set theme if ($fpath != '' && preg_match ('/(\.pc)(\d{1,2})$/',basename ($fpath))) { $set['cthm'] = preg_replace ('/(.*)(\.pc)(\d{1,2})$/','\3',basename ($fpath)); if (!isset ($set['themes'][$set['cthm']])) { $set['cthm'] = 0; $msgs[] = 'Theme not found.'; } } // prepare pass vars $qps = array(); $passvars = array ('f','pp','offset','warnok'); foreach ($passvars as $pv) { if (isset ($_GET[$pv])) $qps[$pv] = $_GET[$pv]; } // pp in range? if (isset ($_GET['pp'])) { if ($_GET['pp'] < $set['pp_range'][0]) { $msgs[] = 'Pics per page value out of range (can be no less than '.$set['pp_range'][0].')'; $set['pics_pp'] = $set['pp_range'][0]; } elseif ($_GET['pp'] > $set['pp_range'][1]) { $msgs[] = 'Pics per page value out of range (can be no more than '.$set['pp_range'][1].')'; $set['pics_pp'] = $set['pp_range'][1]; } else { $set['pics_pp'] = (int)$_GET['pp']; } } // ie users if ($set['iethm'] !== false && !isset ($_GET['warnok']) && !isset ($_GET['dp']) && strpos ($_SERVER['HTTP_USER_AGENT'],'MSIE') !== false && strpos ($_SERVER['HTTP_USER_AGENT'],'Opera') === false) { $set['cthm'] = $set['iethm']; } // select theme if ($set['user_thm'] && isset ($_GET['thm'])) { $set['cthm'] = (int)$_GET['thm']; if (!isset ($set['themes'][$set['cthm']])) { $set['cthm'] = 0; $msgs[] = 'Theme not found.'; } } // --------------------------------------------------- // -- 2. REDIRECTS ----------------------------------- // --------------------------------------------------- // redirect for picture output if (isset ($_GET['dp'])) { pass_pic ($_GET['dp']); exit; } // redirect for picture tunnel if (isset ($_GET['pic'])) { tunnel_pic ($_GET['pic']); exit; } // redirect for viewer if (isset ($_GET['view'])) { show_viewer ($_GET['view']); exit; } // --------------------------------------------------- // -- 3. MISC FUNCTIONS ------------------------------ // --------------------------------------------------- function pad_string ($str,$len=-1) { global $set; if ($len == -1) $len = $set['padlen']; if (strlen ($str) > $len) { $str = substr ($str,0,$len-3); $str .= '...'; } return $str; } function make_query ($args) { global $qps; $temp = array_merge ($qps,$args); $qstr = ''; foreach ($temp as $key => $var) { if ($var !== false) $qstr .= '&'.$key.'='.$var; } return $qstr; } function error () { print_main (); exit; } function picy_mysql_conn () { global $set,$msgs; $connection = mysql_connect($set['mq_server'],$set['mq_user'],$set['mq_password']); if (!$connection) { $msgs[] = 'MySQL connection failed for picy hotlink protection.'; error (); } $db = mysql_select_db($set['mq_db'],$connection); if (!$db) { $msgs[] = 'Couldn\'t select mysql DB for picy hotlink protection.'; error (); } } // --------------------------------------------------- // -- 4. FINAL THEME FUNCTION ------------------------ // --------------------------------------------------- function print_main ($mainbit='',$mainwidth=525) { global $thm, $msgs, $set; if (!isset ($thm['html'])) load_theme ($set['themes'][$set['cthm']][1],$set['themes'][$set['cthm']][0]); // header + errors if (count ($msgs) > 0) { $out_temp = array (); foreach ($msgs as $msg) { $out_temp[] = str_replace ('%%msg%%',$msg,$thm['msgs_bit']); } $msgbit = str_replace ('%%msgs%%',implode('',$out_temp),$thm['msgs']); } else { $msgbit = ''; } $mainbit = $msgbit.$mainbit; // final output $html = str_replace ('%%res-name%%',basename($folder),$thm['html']); $html = str_replace ('%%main-width%%',$mainwidth,$html); print str_replace ('%%picy-main%%',$mainbit,$html); } // --------------------------------------------------- // -- 5. CREATE THUMBNAIL FUNCTION ------------------- // --------------------------------------------------- function make_thmb ($pfn) { global $msgs,$set,$types; $success = false; foreach ($set['tmb_method'] as $tm) { if ($tm == 'gd') { $info = getimagesize ($pfn); // get image types supported $gd_info = gd_info (); $handlers = array (); if ($gd_info['GIF Read Support']) $handlers[1] = 'imagecreatefromgif'; if ($gd_info['JPG Support']) $handlers[2] = 'imagecreatefromjpeg'; if ($gd_info['PNG Support']) $handlers[3] = 'imagecreatefrompng'; $outh = array (1=>'imagegif',2=>'imagejpeg',3=>'imagepng'); if (!$gd_info['GIF Create Support']) { $outh[1] = 'image'.$set['gif_convto']; $msgs[] = 'GIF image thumbnails will be converted to '.$set['gif_convto'].'.'; } if (array_key_exists ($info[2],$handlers)) { // load image $func = $handlers[$info[2]]; $img = $func ($pfn); if ($img == '') { $msgs[] = "GD: Image '".basename($pfn)."' could not be opened."; continue; } // determin resize factor if ($info[0] > $info[1]) { $factor = $set['tmb_size'][0]/$info[0]; } else { $factor = $set['tmb_size'][1]/$info[1]; } if ($factor > 1) $factor = 1; // thumbnail sizes $width = $info[0] * $factor; $height = $info[1] * $factor; // resize image $tmb = imagecreatetruecolor ($width,$height); imagecopyresampled ($tmb,$img,0,0,0,0,$width,$height,$info[0],$info[1]); // new filename $afn = basename ($pfn); $type = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$afn); $fn = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$afn).'.tmb.'.$type; // write thumbnail $func = $outh[$info[2]]; @$func ($tmb,dirname($pfn).'/'.$fn); if (!file_exists (dirname($pfn).'/'.$fn)) { $msgs[] = "GD: Couldn't write thumbnail for '".$afn."'."; continue; } else { $msgs[] = "'".$afn."': Thumbnail created with GD."; $success = true; break; } } else { $msgs[] = "GD: Picture format '".$types[$info[2]]."' not supported for thumbnail creation."; continue; } } elseif ($tm == 'magick') { // compile new filename $afn = basename ($pfn); $type = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$afn); if (!isset ($set['conv_types'][$type])) $set['conv_types'][$type] = $type; $fn = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$afn).'.tmb.'.$set['conv_types'][$type]; // do not upsample $info = getimagesize ($pfn); // determin resize factor if ($info[0] > $info[1]) { $factor = $set['tmb_size'][0]/$info[0]; } else { $factor = $set['tmb_size'][1]/$info[1]; } if ($factor > 1) $factor = 1; // thumbnail sizes $width = $info[0] * $factor; $height = $info[1] * $factor; // compile command $command = $set['magick_path'].'convert -size '.$width.'x'.$height.' "'.$pfn.'" '; $command .= '-resize '.$width.'x'.$height.' +profile "*" '; $command .= '"'.dirname($pfn).'/'.$fn.'" 2>&1'; $error = shell_exec ($command); if (!file_exists (dirname($pfn).'/'.$fn)) { if ($error != '') { $msgs[] = "ImageMagick: Couldn't create thumbnail for ".$afn." (".$error.")"; continue; } else { $msgs[] = "ImageMagick: Couldn't create thumbnail for ".$afn." (unknown reason)."; continue; } } $msgs[] = "'".$afn."': Thumbnail created with ImageMagick."; $success = true; break; } else { $msgs[] = "'".$tm."': unkown method for thumbnail creation."; continue; } } return $success; } // --------------------------------------------------- // -- 6. IS_PIC FUNCTION ----------------------------- // --------------------------------------------------- function is_pic ($str,$no_folders=false,$thumbs=false) { global $set,$folder; if (in_array (preg_replace ('/(.*)(\.)([^.]+)$/','\3',strtolower($str)),$set['img_exts']) && strstr ($str,'.blk.') === false && ($thumbs || strstr ($str,'.tmb.') === false)) { return true; } elseif (is_dir ($folder.$str) && !$no_folders && (preg_match ('/(\.pc)(\d{1,2})$/',strtolower($str)) || $set['all_folders'])) { return true; } else { return false; } } // --------------------------------------------------- // -- 7. GET_FILES FUNCTION -------------------------- // --------------------------------------------------- function get_files ($path) { global $msgs; // Check if folder if (!is_dir ($path)) { $msgs[] = "'".basename($paht)."': Is not a folder."; return false; } // Try to open folder $dir = opendir ($path); if ($dir === false) { $msgs[] = "'".basename($paht)."': Could not be opened."; return false; } // Read files into array while (($cf = readdir ($dir)) !== false) { if ($cf != '..' && $cf != '.') { $files[] = $cf; } } @natcasesort ($files, 'DateCmp'); return $files ; } // --------------------------------------------------- // -- 8. FILL_INFO FUNCTION -------------------------- // --------------------------------------------------- function fill_info ($pic) { global $set, $folder, $fpath, $types; // Check if folder if (!is_dir ($folder.$pic)) { // compile basic info $info['ext'] = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic); $info['name'] = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$pic); // special link for viewer if ($set['use_viewer']) { $info['link'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('view'=>$pic)); } else { $info['link'] = $fpath.$pic; } // special path for passthru if ($set['img_passthru']) { $info['path'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$pic)); } else { $info['path'] = $fpath.$pic; } $info['path_int'] = $folder.$pic; // get additonal info $temp = getimagesize ($folder.$pic); $info['size'] = filesize($folder.$pic); $info['width'] = $temp[0]; $info['height'] = $temp[1]; $info['type'] = $types[$temp[2]]; // check for thumbnail / do we need a thumbnail anyway? if ($temp[0] < $set['tmb_size'][0] && $temp[1] < $set['tmb_size'][1]) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$pic; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$pic)); } } elseif (file_exists ($folder.$info['name'].'.tmb.'.$info['ext'])) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$info['name'].'.tmb.'.$info['ext']; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$info['name'].'.tmb.'.$info['ext'])); } } else { // create thumbnail if requested if ($set['make_thmbs']) { if (make_thmb ($info['path_int'])) { // special path for passthru if (!$set['img_passthru']) { $info['thm'] = $fpath.$info['name'].'.tmb.'.$info['ext']; } else { $info['thm'] = $_SERVER['PHP_SELF'].'?'.make_query (array ('pic'=>$info['name'].'.tmb.'.$info['ext'])); } } else { $info['thm'] = false; } } else { $info['thm'] = false; } } } else { // compile basic info $info['ext'] = preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic); $info['name'] = preg_replace ('/(.*)(\.)([^.]+)$/','\1',$pic); $info['link'] = $_SERVER['PHP_SELF'].'?'.make_query (array('f'=>$fpath.$pic,'offset'=>false)); $info['path_int'] = $folder.$pic; // get additonal info $info['type'] = 'Folder'; $info['thm'] = $_SERVER['PHP_SELF'].'?dp=folder'; } return $info; } // --------------------------------------------------- // -- 9. MAIN ---------------------------------------- // --------------------------------------------------- // generate hierarchy $hyr[] = array ('name'=>preg_replace ('/(.*)(\.)([^.]+)$/','\1',basename($picy_root)),'link'=>$_SERVER['PHP_SELF'].'?'.make_query(array('f'=>false,'offset'=>false))); $parts = explode ('/',$fpath); $temppath = ''; foreach ($parts as $part) { if ($part != '') { $temppath .= $part.'/'; $hyr[] = array ('name'=>preg_replace ('/(.*)(\.)([^.]+)$/','\1',$part),'link'=>($_SERVER['PHP_SELF'].'?'.make_query(array('f'=>$temppath,'offset'=>false)))); } } // open folder $files = get_files ($folder); // Offset if (!isset ($_GET['offset'])) { $off = 0; } else { $off = (int)$_GET['offset']; } $pics = array (); // filter pictures $picfiles = array_filter ($files,'is_pic'); $picfiles = array_values ($picfiles); // total pictures $pn = count ($picfiles); // search for pictures / fill with info for ($i=$off;$i 0) { $info_tags = array ('%%pic-link%%','%%pic-path%%','%%pic-name%%','%%pic-size%%', '%%tbl-width%%','%%img-type%%','%%tmb-width%%','%%tmb-height%%', '%%pic-width%%','%%pic-height%%'); $tdbits = array (); $rowbits = array (); $pagebit = ''; $tablebit = ''; $hyrbit = ''; for ($i=0;$i $lp) { return $lp; } else { return $int; } } // generate page links $page_tags = array ('%%first-page%%','%%last-page%%','%%prev-page%%','%%next-page%%'); $page_bitags = array ('%%page-n-link%%','%%page-n-num%%'); $tags_data = array ($_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>'0')), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>$lp)), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>obey_limits($_GET['offset']-$set['pics_pp']))), $_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>obey_limits($_GET['offset']+$set['pics_pp'])))); // output $pbits = array (); for ($i=1;$i<=ceil($pn/$set['pics_pp']);$i++) { $bittags_data = array ($_SERVER['PHP_SELF'].'?'.make_query(array('offset'=>(($i-1)*$set['pics_pp']))),$i); $pbits[] = str_replace ($page_bitags,$bittags_data,$thm['pgs_bit']); } $pagebit = str_replace ($page_tags,$tags_data,$thm['pgs']); $pagebit = str_replace ('%%pages%%',implode('',$pbits),$pagebit); } // compile folder hierarchy for ($i=0;$i$fpath))); // generate key for hotlink protection if ($set['img_hotprot']) { if ($set['img_hp_type'] == 'file') { // generate key $key = substr (md5 (uniqid (rand())),0,10); // check for file if (file_exists ($folder.'picy_key_'.$key.'.pkf')) { $msgs[] = 'Key collision error.'; error (); } // write key $keyfile = fopen ($folder.'picy_key_'.$key.'.pkf','w'); if ($keyfile === false) { $msgs[] = 'Cannot open dir for writing.'; error (); } $status = fwrite ($keyfile,time()); if ($status === false) { $msgs[] = 'Cannot write file.'; error (); } fclose ($keyfile); // pass key $tags_data[0] = $curr['path'].'&key='.$key; } elseif ($set['img_hp_type'] == 'mysql') { // connect picy_mysql_conn (); // generate key $key = substr (md5 (uniqid (rand())),0,10); // add to database $sql = "REPLACE INTO picy (`ip`,`pic`,`key`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".addslashes($pic)."','".$key."')"; $err = mysql_query ($sql); if (!$err) { $msgs[] = 'A MySQL error occured.'; } // pass key $tags_data[0] = $curr['path'].'&key='.$key; } elseif ($set['img_hp_type'] == 'session') { // start session session_start (); // save into session $_SESSION['hp']['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['hp']['pic'] = $pic; } else { $msgs[] = 'Unkown hotlink protection type.'; error (); } } // main width if ($curr['width']+26 > 525) { $width = $curr['width']+26; } else { $width = 525; } $picbit = str_replace ($info_tags,$tags_data,$thm['viewer']); $picbit = str_replace ('%%prev%%',$prevbit,$picbit); $picbit = str_replace ('%%next%%',$nextbit,$picbit); print_main ($picbit,$width); } // --------------------------------------------------- // -- 12. TUNNEL PICTURE FUNCTION -------------------- // --------------------------------------------------- function tunnel_pic ($pic) { global $folder, $fpath, $set, $msgs; // valid picture? if (!is_pic (basename($pic),true,true)) { $msgs[] = 'No valid picture.'; error (); } // get folder contents $files = get_files ($folder); // only valid pictures // make is_pic function with no folders for callback function is_pic_nf (&$str) { return is_pic ($str,true,true); } // remove non-pic files and folders $files = array_filter ($files,'is_pic_nf'); // reindex array $files = array_values ($files); // look for picture if (($pos = array_search ($pic,$files)) === false) { $msgs[] = 'Picture not found.'; error (); } // get dimensions $temp = getimagesize ($folder.$pic); // hotlink protection if ($set['img_hotprot'] && strstr ($pic,'.tmb.') === false && ($temp[0] > $set['tmb_size'][0] && $temp[1] > $set['tmb_size'][1])) { // no dir up-s $_GET['key'] = str_replace ('..','',$_GET['key']); if ($set['img_hp_type'] == 'file') { if (trim ($_GET['key']) == '' || !file_exists ($folder.'picy_key_'.$_GET['key'].'.pkf')) { $msgs[] = 'You don\'t have permission to access this file.'; error (); } else { unlink ($folder.'picy_key_'.$_GET['key'].'.pkf'); } } elseif ($set['img_hp_type'] == 'mysql') { // open connection picy_mysql_conn (); // look for key $sql = "SELECT * FROM picy WHERE ip = '".$_SERVER['REMOTE_ADDR']."' AND pic = '".addslashes($pic)."'"; $res = mysql_query ($sql); if (!$res) { $msgs[] = 'A MySQL error occured.'; error (); } if (!mysql_num_rows ($res) == 0) { if (mysql_result ($res,0,'key') != $_GET['key']) { $msgs[] = 'You don\'t have permission to access this file.'; error (); } } else { $msgs[] = 'You don\'t have permission to access this file.'; error (); } // remove key $sql = "DELETE * FROM picy WHERE ip = '".$_SERVER['REMOTE_ADDR']."'"; mysql_query ($sql); } elseif ($set['img_hp_type'] == 'session') { // start session session_start (); if (!isset ($_SESSION['hp']) || $_SESSION['hp']['ip'] != $_SERVER['REMOTE_ADDR'] || $_SESSION['hp']['pic'] != $pic) { unset ($_SESSION['hp']); $msgs[] = 'You don\'t have permission to access this file.'; error (); } unset ($_SESSION['hp']); } else { $msgs[] = 'Unkown hotlink protection type.'; error (); } } // get file extension $ext = strtolower (preg_replace ('/(.*)(\.)([^.]+)$/','\3',$pic)); if (!isset ($set['mime_types'][$ext])) { $msgs[] = 'No suiteable MIME type found.'; error (); } // tunnel picture $file = fopen ($folder.$pic,'rb'); if ($file === false) { $msgs[] = 'Picture couldn\'t be opened.'; error (); } header ('Content-type: '.$set['mime_types'][$ext]); fpassthru ($file); fclose ($file); } // --------------------------------------------------- // -- 14. PICTURES STORED INTERALLY ------------------ // --------------------------------------------------- function pass_pic ($p) { // } elseif ($p == 'file') { // } elseif ($p == 'icon') { // } elseif ($p == 'logo') { // } elseif ($p == 'almost-html401') { // } // !!> } // --------------------------------------------------- // -- 15. THEMES ------------------------------------- // --------------------------------------------------- function load_theme ($tname,$internal=THM_INT) { global $msgs, $thm, $picy_version; if ($internal == THM_INT) { // Cats!
%%picy-main%%
solano county sherrif frequency solano county sherrif frequency- cross austin newcomers austin newcomers- strong shades of green floral shades of green floral- much kingsport tn lakes kingsport tn lakes- learn bynum nc real estate bynum nc real estate- bell pigeon forge tennessee climate pigeon forge tennessee climate- hundred cannot comprehend when reading cannot comprehend when reading- cause la sala larchmont review la sala larchmont review- sentence albert keck albert keck- arm 6031 north paulina 6031 north paulina- grow black famous porn starz black famous porn starz- motion helen lawrence artist american helen lawrence artist american- occur correa cd singer songs correa cd singer songs- separate malaysia palm oil industry malaysia palm oil industry- meant lake livingston flood levels lake livingston flood levels- free palm beach bicycle paths palm beach bicycle paths- hat english standard verison bible english standard verison bible- key robert wallace bay city robert wallace bay city- strong scott westfield scott westfield- even ginny adams ginny adams- top bridgestone firestone exton pa bridgestone firestone exton pa- visit dixie ditsler dixie ditsler- drink maureen sullivan of carlsbad maureen sullivan of carlsbad- with haverty s funiture sherman tx haverty s funiture sherman tx- spell mud bath utah mud bath utah- distant plastic neon indicating lights plastic neon indicating lights- take cyruss resturant healdsberg cyruss resturant healdsberg- straight cranes chicago financial business cranes chicago financial business- eat nba archibald nba archibald- ready home repais home repais- matter lakeside ca wildfires 2007 lakeside ca wildfires 2007- sister hargrove custom homes ga hargrove custom homes ga- she hudson marshall texas hudson marshall texas- dress walnut creek neuromuscular dentist walnut creek neuromuscular dentist- village wrigley ville wrigley ville- coast flash gordon boat flash gordon boat- drive alvin g beaman alvin g beaman- knew arts crafts toronto canada arts crafts toronto canada- see canada customs tourist computer canada customs tourist computer- consider pontiac gran prix mpg pontiac gran prix mpg- broad qwerty by linkin park qwerty by linkin park- save parks 12 planer parks 12 planer- master ava braun ava braun- where helen babu charlotte helen babu charlotte- second st jack s st jack s- learn golden fowler home funishings golden fowler home funishings- great roy moffitt cancer roy moffitt cancer- these krystal fox yiff krystal fox yiff- chick telstra yellow pages melbourne telstra yellow pages melbourne- act grand cru virginia grand cru virginia- see mashpee passport mashpee passport- milk celtic singer mark celtic singer mark- blow charles anderson genealogy charles anderson genealogy- full financing of massachusetts colony financing of massachusetts colony- slave seneca waste seneca waste- wood unfinished sweet alice cooper unfinished sweet alice cooper- with cannon beach oregon campsites cannon beach oregon campsites- cost dana sickler dana sickler- insect nojo baby carrier nojo baby carrier- govern konic 7075 printer driver konic 7075 printer driver- method suburban suv 70000 miles suburban suv 70000 miles- yard reading sunglasses mens reading sunglasses mens- desert honolulu century ride honolulu century ride- home carlos santana the rhythm carlos santana the rhythm- cat bedroom butler bedroom butler- money primrose schools omaha primrose schools omaha- stop neilmed home neilmed home- also woody woodbury sound clips woody woodbury sound clips- game convert ford transit camper convert ford transit camper- shop v557 data cable v557 data cable- power durham public school board durham public school board- populate disney camping accomodations disney camping accomodations- large bentley bed bentley bed- create flat panel lcd dvi i flat panel lcd dvi i- seven california v carney california v carney- yard mark wessman mark wessman- but ohio railroad master ohio railroad master- push chevron mission bc chevron mission bc- sudden bungalow house facts bungalow house facts- cause ramona staker ramona staker- had jordan s future jordan s future- I quote saint john bosco quote saint john bosco- serve 3d auto johnstown wisconsin 3d auto johnstown wisconsin- people pontiac firebird convertible history pontiac firebird convertible history- every home planners inc 2565 home planners inc 2565- scale susquehanna company bagley susquehanna company bagley- pattern sedona southwest store mc sedona southwest store mc- vary swissotel new york swissotel new york- over salem witch trial games salem witch trial games- list jamie mcdermott juneau jamie mcdermott juneau- notice lang farm vermont lang farm vermont- happen calculator area of circle calculator area of circle- also rahway high school famous rahway high school famous- fire lowfat crockpot chicken recipes lowfat crockpot chicken recipes- strong hall china hotpoint worth hall china hotpoint worth- dress panasonic model number search panasonic model number search- oxygen design works north pole design works north pole- loud superman bowling ball superman bowling ball- method paw paw tunnel paw paw tunnel- stood linda harrison wallpaper linda harrison wallpaper- so explosion kansas city explosion kansas city- fly bar diamonds gran canaria bar diamonds gran canaria- student folder driver cache folder driver cache- color hampton cove eastern league hampton cove eastern league- wear alex studios alex studios- govern precious island caicos precious island caicos- swim screen actors guild awards screen actors guild awards- else madelines formal portsmouth nh madelines formal portsmouth nh- tire fine pix viewer software fine pix viewer software- milk tracy ryan mpegs tracy ryan mpegs- part jamal walker jamal walker- square 1921 birthday coin set 1921 birthday coin set- sky bailey melvin attorney nc bailey melvin attorney nc- bat conchas dam cabin rentals conchas dam cabin rentals- pound panhandle cruise gay panhandle cruise gay- doctor tennessee fertility centers tennessee fertility centers- bit megan hines megan hines- all trail of tiramisu trail of tiramisu- more anthony s pizzeria orlando fl anthony s pizzeria orlando fl- lift johanes organs johanes organs- trade case credit union lansing case credit union lansing- century incall asian los angeles incall asian los angeles- make badger fottball games badger fottball games- divide rutgers university eric parker rutgers university eric parker- my manon restaurant in lambertville manon restaurant in lambertville- receive thomasville first united thomasville first united- circle kelsie buckley kelsie buckley- serve super duck excursions charlestown super duck excursions charlestown- capital michner allen auction michner allen auction- three 8 x11 solder bath 8 x11 solder bath- matter center support bearing gmc center support bearing gmc- end gerald ford s dog gerald ford s dog- language fine dining charleston wv fine dining charleston wv- fly roby chevrolet marysville roby chevrolet marysville- among fastest house construction fastest house construction- run private investigator reno private investigator reno- natural mercury marine service toronto mercury marine service toronto- doctor pig in a polk pig in a polk- come michael schumacher agent michael schumacher agent- sent pilot light gas range pilot light gas range- sell artist ambrose patterson artist ambrose patterson- snow dale biondi dale biondi- triangle renee garcia clovis west renee garcia clovis west- joy brenda murphy rowe brenda murphy rowe- class soth dakota new homes soth dakota new homes- life ashley lelie football highlights ashley lelie football highlights- bear adult rockville adult rockville- light century 21 bill stewart century 21 bill stewart- bank caucus new hampshire caucus new hampshire- yet international aluminum monterey park international aluminum monterey park- corner david rolley television crab david rolley television crab- early blank diet diary page blank diet diary page- separate ed davis intel ed davis intel- main chapel hill stadium chapel hill stadium- fraction black male sexual dominance black male sexual dominance- does chicago bear lanyard chicago bear lanyard- think chase bank subsidiaries chase bank subsidiaries- middle robert frost poetry proverbs robert frost poetry proverbs- blow jefferson on central jefferson on central- develop stockholm street map stockholm street map- both amber evans glamour amber evans glamour- office broken arrow and cast broken arrow and cast- buy home rentals springcreek nevada home rentals springcreek nevada- company harris comunication harris comunication- position barton lyman barton lyman- fall girls and purls turlock girls and purls turlock- were alicia barrs alicia barrs- toward hiking trails ramsey county hiking trails ramsey county- car diorama of mercury diorama of mercury- save jules francois archibald said jules francois archibald said- mind pizza in magnolia washington pizza in magnolia washington- home laser printer envelope feeder laser printer envelope feeder- rather na meetings el cajon na meetings el cajon- melody harding park motorcycle harding park motorcycle- hunt cascade animal protection society cascade animal protection society- during clean clear plastic windows clean clear plastic windows- street concealed weapons course naples concealed weapons course naples- ocean alchemy holdings new york alchemy holdings new york- ease california death penalty history california death penalty history- she white salmon wa river white salmon wa river- smile ashley jacobs ashley jacobs- near claudia veale sun valley claudia veale sun valley- held greater lawrence technical school greater lawrence technical school- this kathleen mcilveen canada kathleen mcilveen canada- except maryland little league maryland little league- subject 2002 softail springer 2002 softail springer- low rifle river recreational area rifle river recreational area- step us patent attorney phoenix us patent attorney phoenix- among elk river lodge elk river lodge- experience banks brenda banks brenda- safe casimir pulaski photo casimir pulaski photo- deep swiss credit union london swiss credit union london- wild martin drag way martin drag way- blow banff fairmont hotel spa banff fairmont hotel spa- ball westgate enterprises westgate enterprises- flat paramount log homes paramount log homes- measure jefferson commons sacramento jefferson commons sacramento- unit california mass wasting layers california mass wasting layers- repeat pine creek manitoba pine creek manitoba- surface dunn edwards paint samples dunn edwards paint samples- young markwood moorefield wv markwood moorefield wv- spell longines home page longines home page- wish uplands hills health uplands hills health- bring smoked rainbow trout smoked rainbow trout- sit cherry creek nursery cherry creek nursery- me syracuse italian fest 2007 syracuse italian fest 2007- remember andrew zuckerburg delray andrew zuckerburg delray- poor half baths interior designs half baths interior designs- atom harry potter 7 sequel harry potter 7 sequel- to university of delaware fire university of delaware fire- chick beloit showtimes beloit showtimes- hair archer durham archer durham- field porn star clothing brand porn star clothing brand- compare fitness magazine subscribe fitness magazine subscribe- problem old town florist portland old town florist portland- noise henry manship henry manship- shout hayes shop manauls hayes shop manauls- you model airplane jets model airplane jets- press jefferson city community band jefferson city community band- went wal mart s black friday deals wal mart s black friday deals- opposite alex taylor model alex taylor model- distant oscars 2007 dress actress oscars 2007 dress actress- here lutheran church edmonton alberta lutheran church edmonton alberta- cent west chester coach west chester coach- bad pittsburgh jeff goldblum pittsburgh jeff goldblum- smile phoenix aerospace incorporated phoenix aerospace incorporated- appear zion church taylor michigan zion church taylor michigan- out bob gibson autographs bob gibson autographs- gas humboldt bay recreation humboldt bay recreation- dictionary gay male personal photos gay male personal photos- notice faux stack stone faux stack stone- place 2007 cadillac produce line 2007 cadillac produce line- too carmelita troy carmelita troy- indicate cpr instructor memphis tn cpr instructor memphis tn- cover lee ayers associates lee ayers associates- is bonney lake bikes bonney lake bikes- radio jean le malchanceux jean le malchanceux- wheel aluminum friction stir weld aluminum friction stir weld- house gregory edmonds dds gregory edmonds dds- populate light armored recon battalion light armored recon battalion- spring delphi decatur apply delphi decatur apply- store 97 1 and tigers 97 1 and tigers- huge hard rock biloxi casino hard rock biloxi casino- share dana manning oklahoma dana manning oklahoma- village milner s crecsent hoover alabama milner s crecsent hoover alabama- fraction zip codes in honolulu zip codes in honolulu- require blue ridge grill leesburg blue ridge grill leesburg- wife where is barry s bay where is barry s bay- sing grants for truancy grants for truancy- consider wood sun deck designs wood sun deck designs- step lily holt sandals lily holt sandals- swim winchester supreme assembly winchester supreme assembly- general casey affleck biography casey affleck biography- draw distress flasher distress flasher- force faust drums milwaukee faust drums milwaukee- circle david duer david duer- element great escapes lake george great escapes lake george- learn elgin reality ok elgin reality ok- group emission light ford focus emission light ford focus- which parklands hotel perth parklands hotel perth- experiment boca grande gasparilla inn boca grande gasparilla inn- yet kaiser moanalua medical kaiser moanalua medical- water meridian mississippi car dealers meridian mississippi car dealers- final ripleys tennessee ripleys tennessee- cross school 2 rensselaer ny school 2 rensselaer ny- laugh sol reading test virginia sol reading test virginia- past kennesaw pools kennesaw pools- join blue hopi corn seed blue hopi corn seed- most kellogg center unc a kellogg center unc a- fill dia center beacon dia center beacon- pretty eva gabor wigs eva gabor wigs- modern magazine collection privee magazine collection privee- gray shannon burdett shannon burdett- support holloway motors holloway motors- populate aldos jewelry naples fl aldos jewelry naples fl- describe ashley lawing myspace ashley lawing myspace- top blarney stones cake blarney stones cake- between chicago s average snowfall chicago s average snowfall- quite everest restaurant chicago everest restaurant chicago- cotton camden development inc camden development inc- clean easy walker dog easy walker dog- allow jci wilmington nc jci wilmington nc- hit sir gordon richards sir gordon richards- found standard classification of accounts standard classification of accounts- book 66062 olathe ks 66062 olathe ks- leave movie theatres tampa movie theatres tampa- unit camden clark camden clark- interest characterstics of olive oil characterstics of olive oil- rest gerald keith hartlaub gerald keith hartlaub- differ excel toothpaste excel toothpaste- day swim team ft wayne swim team ft wayne- feed victoria video on demand victoria video on demand- invent benchmark group rogers ar benchmark group rogers ar- feel hyori beauty hyori beauty- with new york redemption centers new york redemption centers- find kristen olsen new orleans kristen olsen new orleans- except newman s own foods newman s own foods- order tom sawyer real name tom sawyer real name- industry napco floral products napco floral products- ear prayer circles prayer circles- paint tv movie ian fleming tv movie ian fleming- king o dwyer roll runner splicers o dwyer roll runner splicers- broke kooza in toronto kooza in toronto- idea erica dowdell michigan state erica dowdell michigan state- and security one and corona security one and corona- over boat rental farmington mn boat rental farmington mn- form cool welding caps cool welding caps- it riverside campground in pa riverside campground in pa- magnet illinois masonic medical center illinois masonic medical center- chick vermillion bay international weather vermillion bay international weather- occur patty roberts patty roberts- figure lake metigoshe north dakota lake metigoshe north dakota- chief pilgrims first winter pilgrims first winter- yellow gas rig drawing gas rig drawing- quiet steel pipe nashville tn steel pipe nashville tn- final home button makers home button makers- hunt stem cell success story stem cell success story- level david iverson david iverson- corner justin leo higdon justin leo higdon- heart pentecost joy pentecost joy- color pioneer rt 909 pioneer rt 909- numeral f m mike covington f m mike covington- during scott fletcher dalton georgia scott fletcher dalton georgia- cut boomer women orland park boomer women orland park- mix royal gorge park colorado royal gorge park colorado- phrase 56k modem speed patch 56k modem speed patch- jump old car bluebook price old car bluebook price- stop lynette oak hills lynette oak hills- just gay brothers sex stories gay brothers sex stories- law osu teddy bear osu teddy bear- how branch connelly summerville branch connelly summerville- camp edgar alle poe edgar alle poe- carry all inclusie mexico travel all inclusie mexico travel- kind fitzgerald s bar and grill fitzgerald s bar and grill- caught sparta and xerxes sparta and xerxes- gold robert thorton guntersville alabama robert thorton guntersville alabama- corner martin schneider scholarship martin schneider scholarship- is churches union park pa churches union park pa- serve office panels houston office panels houston- black edna wagner patterson edna wagner patterson- she targi porno glasgow targi porno glasgow- night clarks swan clarks swan- material surplus star surplus star- ice london plane tickets london plane tickets- sky australian shepherd rescue indiana australian shepherd rescue indiana- saw tha eva pics tha eva pics- quotient luke ollington luke ollington- station don gearhardt california don gearhardt california- play minority grants for college minority grants for college- multiply blue star machinery blue star machinery- must vista premium domain join vista premium domain join- north macomb county courts macomb county courts- dictionary shaman longmont shaman longmont- strong youtube charlie pride youtube charlie pride- blood salmon king lodge salmon king lodge- all oakridge san jose restaurants oakridge san jose restaurants- believe wilson comabat wilson comabat- sudden hydroponics new york gordon hydroponics new york gordon- check logic stems from logic stems from- side phil manuel fallbrook phil manuel fallbrook- cry river tavern chester river tavern chester- team baloons tower baloons tower- man michael e snyder md michael e snyder md- shout toyota avalon performance part toyota avalon performance part- dead sir alfred russel sir alfred russel- meant aster hotel london aster hotel london- crowd 1967 shelby fastback 1967 shelby fastback- cover angela fettig angela fettig- house hunter hack english show hunter hack english show- we russell valley beagles ma russell valley beagles ma- your east bridgewater mass east bridgewater mass- keep bertha de la hoz bertha de la hoz- ran rent in denver rent in denver- found rick s farmers market rick s farmers market- consonant t1 carriers t1 carriers- science grenada husserl phenomenology grenada husserl phenomenology- what california magnet high schools california magnet high schools- receive aloha coloring pages aloha coloring pages- safe southern lakes credit union southern lakes credit union- electric bouldercity nevada bouldercity nevada- strong livingston merced entrepreneur livingston merced entrepreneur- die grandby popup camper california grandby popup camper california- draw ectb stars ectb stars- summer santa monica buses santa monica buses- planet eagle and kids activites eagle and kids activites- ship protect from negative energy protect from negative energy- pretty 750 macarthur blvd oakland 750 macarthur blvd oakland- circle jill cook auctioneer jill cook auctioneer- offer dresden sv china dresden sv china- claim dana point dog parks dana point dog parks- truck 808 restraint iowa city 808 restraint iowa city- wife glms montgomery co glms montgomery co- enter english teachers overseas jobs english teachers overseas jobs- hand oklahoma city pucketts wrecker oklahoma city pucketts wrecker- lay pontiac mcallen texas pontiac mcallen texas- operate misty imler maryland misty imler maryland- find joan dix joan dix- broad jeff russell s starship dimensions jeff russell s starship dimensions- feet lotus suitcase lotus suitcase- liquid stories by amy carmichael stories by amy carmichael- vowel property management in buffalo property management in buffalo- tree navarre fl beach house navarre fl beach house- general kiser new mexico soccer kiser new mexico soccer- camp clastic sedimentary rock clastic sedimentary rock- magnet flaming gorge lake map flaming gorge lake map- weight bristol meyer squibb bristol meyer squibb- sheet christin marquard washington christin marquard washington- train harrison hager harrison hager- right arrowhead orchard ohio arrowhead orchard ohio- day bar harbor flea market bar harbor flea market- gave sunshine herbs n more sunshine herbs n more- view robert harrop police motorcyclist robert harrop police motorcyclist- glad speedway cable auto booster speedway cable auto booster- forward golden corral duluth ga golden corral duluth ga- score bea arthur facts bea arthur facts- course pegase lynx pegase lynx- process scott sub10 scott sub10- general jacobs chuck 36 jacobs chuck 36- metal arthur wood investments arthur wood investments- build winnsboro drunk driving winnsboro drunk driving- subject jack swanda omaha jack swanda omaha- help drugs of woodstock drugs of woodstock- afraid long branch nj redevelopment long branch nj redevelopment- experience high wait women s jeans high wait women s jeans- serve caesarian section medical journal caesarian section medical journal- space scrollsaw patterns deer scrollsaw patterns deer- us harrington photography three oaks harrington photography three oaks- walk unofficial ola page unofficial ola page- indicate 821 amaroso venice beach 821 amaroso venice beach- cold happy dog slogan happy dog slogan- slow jeopardy template fertile crescent jeopardy template fertile crescent- lie disney mulan lyrics disney mulan lyrics- night dry cleaners gresham oregon dry cleaners gresham oregon- hundred biomat usa everett biomat usa everett- ran
'; // Error Bit $thm['msgs'] = '

Messages:

%%msgs%%
'."\n"; $thm['msgs_bit'] = '
  • %%msg%%
    • '."\n"; // Picture Bit $thm['ind'] = ' %%rows%%
    '."\n"; $thm['ind_nopics'] = '

    No pictures found.
    '; $thm['ind_row_odd'] = ' %%tds%% '."\n"; $thm['ind_row_even'] = ' %%tds%% '."\n"; $thm['ind_pbit'] = '%%thumbn%% %%info%%'; $thm['ind_folderinfo'] = 'Folder'; $thm['ind_tmbbit'] = ' %%pic-name%%
    '; $thm['ind_notmbbit'] = ' No Thumbnail
    '; // pages bit $thm['pgs'] = '
    | Previous | %%pages%% Next |
    '."\n"; $thm['pgs_bit'] = '%%page-n-num%% | '; // hierachy bit $thm['hyrbit'] = '⁄ %%f-name%% '; // viewer bit $thm['viewer'] = '
    %%prev%% Return to Thumbnails %%next%%
    %%pic-name%%
    '; $thm['nextbit'] = 'Next'; $thm['prevbit'] = 'Previous'; // !> } // !!> } elseif ($internal == THM_EXT) { // external themes // only this directory $tname = basename ($tname); // check if exists if (!file_exists ($tname)) { load_theme ('std'); $msgs[] = 'External theme not found.'; error (); } // load theme require $tname; if (!isset ($thm)) { load_theme ('std'); $msgs[] = 'Not a picy theme file.'; error (); } } } ?>