X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/ee9702f9ff640f0108e52490d256c789acb09433..b28c58864e20c556b65ec60f02c0df6401f73351:/foto/index.php
diff --git a/foto/index.php b/foto/index.php
index 7df1d5c..49e5483 100644
--- a/foto/index.php
+++ b/foto/index.php
@@ -6,7 +6,7 @@ $nav[0] = "Foto's"; # override of root 'foto'
$title = array_pop($nav);
$Page->title = ($nav ? implode(' ', $nav) . ': ' : '') . $title;
-if (!$User) {
+if ($Page->api) {
$img = "$rootdir/index.jpg";
if (file_exists($img)) {
# cover image of current album
@@ -72,22 +72,22 @@ if ($imgs = glob("$rootdir/*", GLOB_ONLYDIR)) {
natsort($imgs);
print '
'."\n";
foreach ($imgs as $path) {
- $parts = pathinfo($path);
- $album = $parts['filename'];
+ $album = htmlspecialchars(pathinfo($path, PATHINFO_FILENAME));
$cover = "$path/index.jpg";
if (!file_exists($cover)) $cover = 'foto/index.jpg';
if (is_link($cover)) {
$cover = preg_replace('{^(?:\.\./)*(?=data/)}', 'thumb/100/', readlink($cover));
}
- $html = '
';
+ $html = sprintf('
', htmlspecialchars($cover));
$html .= "$album";
if (!$User->login and file_exists("$path/.private")) {
$html = ''.$html.'';
}
$html = "$html";
- printf('- %s'."\n", $album, "/$path", $html);
+ printf('
- ', $album);
+ printf('%s'."\n", htmlspecialchars($path), $html);
}
print "
\n\n";
}