<?
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
//include("check_session_image.php");
include("lib_commands.php");
include("loggerClass.php");
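// Expands one node of the gallery folder tree. The request carries a single
// 'parentId' value laid out as offset|inode|timezone|partition|token. Nothing is
// listed unless the token matches the one held in the session; every other
// request is written to the audit log and redirected.
// sanitize(), RemoveXSS(), get_folder_browsing(), check_subfolders() and AuditLog
// are defined outside this file.
if(isset($_GET['parentId']) && is_string($_GET['parentId'])){
	// Whitelist the raw value, then split it. array_pad() guarantees five fields,
	// so a short or malformed value cannot raise undefined-offset notices; a
	// missing token becomes '' and is rejected below.
	$parent = preg_replace("/[^a-zA-Z0-9\/\_\-\+\|]/", "", $_GET['parentId']);
	$x = array_pad(explode("|", $parent), 5, '');
	$offset = sanitize($x[0],INT);
	$parent = sanitize($x[1],PARANOID);
	$tz = preg_replace("/[^a-zA-Z0-9\/\_\-\+\|]/", "", $x[2]);
	$partition = sanitize($x[3],INT);
	$token = (string) sanitize(RemoveXSS($x[4]),PARANOID);

	// An empty token never authorises a request, even if the session value is
	// empty too. hash_equals() compares in constant time where the running PHP
	// provides it; older runtimes keep the original strcmp() check.
	$expected = isset($_SESSION['gal_bro_token']) ? (string) $_SESSION['gal_bro_token'] : '';
	$token_ok = ($expected !== '' && $token !== '');
	if ($token_ok){
		$token_ok = function_exists('hash_equals')
			? hash_equals($expected, $token)
			: (strcmp($expected, $token) == 0);
	}

	if ($token_ok){
		// ENT_SUBSTITUTE keeps a name with invalid byte sequences visible instead
		// of letting htmlspecialchars() return an empty string, which would hide
		// the entry from the examiner.
		$escape_flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

		$output = get_folder_browsing($_SESSION['image_path'], $offset, $parent);
		foreach (explode("\n", $output) as $row){
			// Blank lines (such as the one after a trailing newline) describe no
			// entry; skipping them here also avoids a pointless subfolder check.
			if (trim($row) === ''){
				continue;
			}
			$arr = array_pad(explode("|", $row), 3, '');
			$inode = sanitize($arr[2],PARANOID);
			$name = preg_replace("/^\//", "", $arr[1]);

			$is_deleted = (preg_match("/\(deleted\)/", $name) == 1);
			if ($is_deleted){
				$name = preg_replace("/\(deleted\)/", "", $name);
			}else if ($name == ''){
				// Entries without a name are not listed.
				continue;
			}

			// File names come from the evidence image and are untrusted. They are
			// HTML-encoded at the point of output, which makes any markup in a
			// name inert and shows the name as recorded. This replaces the
			// RemoveXSS() filtering previously applied to $name.
			$safe_name = htmlspecialchars($name, $escape_flags);

			$has_subfolders = check_subfolders($_SESSION['image_path'], $offset, $inode);

			// NOTE(review): these values sit inside a quoted JavaScript string in
			// an HTML attribute. $tz is limited by the pattern above; the others
			// rely on sanitize() keeping quotes out - confirm against its
			// definition.
			$onclick = "onclick=\"folderWait(this); ajax_request('get_folder_gallery.php?tk=$token&arg1=$offset&arg2=$inode&arg3=$partition&arg4=$tz', 'folder_content')\"";
			$class_attr = $is_deleted ? " class='folderdeleted.gif'" : "";

			if($has_subfolders == 1){
				// Expandable node: the nested placeholder carries the parentId
				// that is sent back when the node is opened.
				echo "<li$class_attr><a href='#'><father $onclick>$safe_name</father></a>";
				echo "<ul>";
				echo "<li parentId='$offset|$inode|$tz|$partition|$token'><a href='#'>Loading</a></li>";
				echo "</ul>";
				echo "</li>";
			}else{
				echo "<li$class_attr $onclick><a href='#'>$safe_name</a></li>";
			}
		}
	}else{
		new AuditLog('Unauthorized access to gallery_browsing');
		header("location: home.php");
		// Stop here so nothing further runs for a rejected request.
		exit;
	}
}else{
	new AuditLog('Unauthorized access to gallery_browsing');
	header("location: goto_home.php");
	// Stop here so nothing further runs for a rejected request.
	exit;
}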
?>