--- a/inc/funkce.inc.php 2005-11-14 13:43:05.000000000 +1300 +++ b/inc/funkce.inc.php 2005-11-29 22:33:05.000000000 +1300 @@ -10,14 +10,16 @@ echo "\n
\n"; echo "
\n"; if ($snapshot > 1) { //previous - echo ""; echo "< Previous\n"; } echo " "; if (is_file("$gallery_dir/$gallery/lq/img-$next.jpg")) { //next - echo ""; echo "Next >\n"; @@ -26,7 +28,8 @@ } elseif ($image=="prev") { //previous thumbnail if ($snapshot > 1) { //previous echo "
"; - echo ""; if (file_exists("$gallery_dir/$gallery/thumbs/img-$prev.png")) { $Pthumb = "$gallery_dir/$gallery/thumbs/img-$prev.png"; @@ -43,7 +46,8 @@ } else { //next thumbnail if (is_file("$gallery_dir/$gallery/lq/img-$next.jpg")) { echo "
"; - echo ""; if (file_exists("$gallery_dir/$gallery/thumbs/img-$next.png")) { $Nthumb = "$gallery_dir/$gallery/thumbs/img-$next.png"; --- a/inc/www.class.inc.php 2005-11-14 13:29:01.000000000 +1300 +++ b/inc/www.class.inc.php 2005-11-29 22:33:05.000000000 +1300 @@ -47,14 +47,17 @@ $dalsi = $snimek + 1; if ($snimek > 1) { echo " \n"; + echo " href=\"$ThisScript?galerie=" . + rawurlencode($galerie) . "&photo=1\" />\n"; echo " \n"; + echo "href=\"$ThisScript?galerie=" . rawurlencode($galerie) . + "&photo=$predchozi\" />\n"; } #Next if (is_file("$gallery_dir/$galerie/lq/img-$dalsi.jpg")) { echo " \n"; + echo " href=\"$ThisScript?galerie=" . + rawurlencode($galerie) . "&photo=$dalsi\" />\n"; } #Last $adr = opendir("$gallery_dir/$galerie/thumbs/"); @@ -64,7 +67,8 @@ } if ($i!=$snimek) { echo " \n"; + echo " href=\"$ThisScript?galerie=" . + rawurlencode($galerie) . "&photo=$i\" />\n"; } } --- a/index.php 2005-11-14 13:53:21.000000000 +1300 +++ b/index.php 2005-11-29 22:34:27.000000000 +1300 @@ -32,7 +32,7 @@ $galerie=''; if (isset($_GET['galerie'])) $galerie=$_GET["galerie"]; if (isset($_GET['gallery'])) $galerie=$_GET["gallery"]; -$galerie = preg_replace('/\//', '', $galerie); +$galerie = preg_replace('/\//', '', stripslashes($galerie)); if (isset($_GET["thumbsize"])) $thumbsize=$_GET["thumbsize"]; $snimek = 0; if (isset($_GET["snimek"])) $snimek=$_GET["snimek"]; @@ -232,11 +232,13 @@ echo "

"; + echo " href=\"$ThisScript?galerie=" . + rawurlencode($foldername) . "\">"; echo $galeriename[$foldername]; echo ""; } else { - echo " href=\"$ThisScript?galerie=$foldername\">$foldername"; + echo " href=\"$ThisScript?galerie=" . + rawurlencode($foldername) . "\">$foldername"; } if (@$galeriedesc[$foldername]) { echo "" . $galeriedesc[$foldername]; @@ -316,7 +318,7 @@ } else $title = "Photo ${x[1]}"; - echo " "; @@ -360,16 +362,16 @@ //and links to archived images: echo "\n

\n"; if (file_exists("$gallery_dir/$galerie/zip/mq.zip")) { - echo "[ " . __('zipped MQ images') . " ] "; + echo "[ " . __('zipped MQ images') . " ] "; } if (file_exists("$gallery_dir/$galerie/zip/mq.tar.bz2")) { - echo "[ " . __('MQ images tarball') . " ] "; + echo "[ " . __('MQ images tarball') . " ] "; } if (file_exists("$gallery_dir/$galerie/zip/hq.zip")) { - echo "[ " . __('zipped HQ images') . " ]"; + echo "[ " . __('zipped HQ images') . " ]"; } if (file_exists("$gallery_dir/$galerie/zip/hq.tar.bz2")) { - echo "[ " . __('HQ images tarball') . " ]"; + echo "[ " . __('HQ images tarball') . " ]"; } echo "

"; @@ -378,7 +380,7 @@ ####################### } else { //low-res image # finish off header - echo "\n > "; + echo "\n > "; if ($galeriename[$galerie]) { echo $galeriename[$galerie]; } else { @@ -413,9 +415,11 @@ if ( eregi("^img-([0-9]+)\.(png|jpe?g)", $thumbfile, $x)) { $thumb = "$gallery_dir/$galerie/thumbs/img-${x[1]}.${x[2]}"; - echo " "; + echo " title=\"" . + get_photo_title($galerie, $x[1]) . "\">"; echo ""; + echo ""; echo "zip"; } if (file_exists("$gallery_dir/$galerie/zip/hq.tar.bz2")) { - echo ""; + echo ""; echo "zip"; } echo "
\n"; @@ -509,10 +513,10 @@ if (file_exists("$gallery_dir/$galerie/mq/img-$snimek.jpg") || file_exists("$gallery_dir/$galerie/hq/img-$snimek.jpg")) { echo "
"; if (file_exists("$gallery_dir/$galerie/mq/img-$snimek.jpg")) { - echo "". __('MQ') . " "; + echo "MQ "; } if (file_exists("$gallery_dir/$galerie/hq/img-$snimek.jpg")) { - echo "" . __('HQ') . ""; + echo "HQ"; } echo "
\n"; //mqhq }