Location: PHPKode > projects > Esvon Personals > esvon-personals/inc/pages/images.php
<?php

// --------------------------------------------------------------------------
//
// Esvon Classifieds v.4.0
// Copyright(C), Esvon LTD, 2001-2010, All Rights Reserved.
// E-mail: hide@address.com
//
// All forms of reproduction, including, but not limited to, internet posting, 
// printing, e-mailing, faxing and recording are strictly prohibited.
// One license required per site running Esvon Classifieds. 
// To obtain a license for using Esvon Classifieds, please register at
// http://www.esvon.com/pg/products/p_classifieds/
//
// --------------------------------------------------------------------------

if(!defined('SITE_PATH')) die('Access Denied');

/*
if(!IsUser(0)){
  echo '<script>
  alert("Only registered users can see full-sized images");
  if(window.opener) window.opener.document.location = "index.php?page=login&ref_url="+"'.urlencode($_SERVER['REQUEST_URI']).'";
  window.close();</script>';
  exit;
}
*/

$HW_WRAP = 0;
$MAX_IN_ROW = 6;

$id = (int)$_GET['id'];
$f = trim((string)$_GET['f']);

$cid = $db->one_data('SELECT catid FROM '.TBL_AD.' WHERE link_id='.$id);

if(!$id || !$cid || !$f || strpos($f,'..')) die('Bad filename');

$Media_Obj = &Factory::getMediaObj('images', '', hwGetFsByCat($cid));
if(!is_object($Media_Obj)) die('Invalid Media ID');

$Media_Obj->SetDBKeyVal($id);
$buf = $Media_Obj->GetMediaArea(TPL_PATH.'images.htm', TRUE, $MAX_IN_ROW, TRUE);

$title = $db->one_data("SELECT $TITLE_FIELD FROM ".TBL_AD." WHERE link_id='$id'");

$f = html_esc($f);
EvalBuffer($buf,'$id,$f,$title',1);

?>
Return current item: Esvon Personals