IMAGE_TYPES = array('jpeg', 'jpg', 'gif', 'png'); $tmp = explode('/', str_replace('\\', '/', __FILE__)); array_pop($tmp); array_pop($tmp); $this->root = implode('/', $tmp); $this->path = $this->sanitisepath($_GET['path']); $this->dir = $this->root . '/' . $this->path; } function sanitisepath($path) { if ($path == 'root') { return 'pix'; } if (substr($path, 0, 3) != 'pix') { $this->send('Not a valid directory'); } return preg_replace('/[.]+/', '', $path); } function isimage($file) { if (strpos($file, '.') === false) { return false; } return in_array(array_pop(explode('.', $file)), $this->IMAGE_TYPES); } function readfiles() { if (!is_dir($this->dir)) { $this->send('Not a valid directory'); } $handle = opendir($this->dir); while (false !== ($file = readdir($handle))) { if ($file == '.' || $file == '..') { continue; } if (is_dir($this->dir . '/' . $file)) { $this->founddirs[] = $file; } else if ($this->isimage($file)) { $this->foundfiles[] = $file; } } closedir($handle); sort($this->founddirs, SORT_STRING); sort($this->foundfiles, SORT_STRING); $this->sendfiles(); } function sendfiles() { $out = "path\">\n"; foreach ($this->founddirs as $file) { $out .= " $this->path/$file\n"; } foreach ($this->foundfiles as $file) { $out .= " $this->path/$file\n"; } $out .= ""; $this->send($out); } function send($out) { header("Content-type: application/xml; charset=utf-8"); die($out); } } ?>