<?php
$folder = "/htdocs/images/"; // Folder containing files - can be absolute or relative to current directory
if (!
preg_match('/$',
$folder)) {$folder =
$folder .
"/";
} // Adds trailing slash to $folder
// The line below essentially makes it impossible for script to roam outside of $folder or its subfolders
$the_path =
preg_replace('@\.@',
'',
$file,
(preg_match_all("/\./",
$file,
$matches) -
1));
// Strips all periods except the one for the extension $filename = "{$folder}{$the_path}";
while (strrpos($filename,
'//')) // Gets rid of these: //
$ext = $path_parts['extension'];
// Only the following types of files will be displayed with this script
$mime['jpg'] = "image/jpeg";
$mime['jpeg'] = "image/jpeg";
$mime['gif'] = "image/gif";
$mime['png'] = "image/png";
{echo "This type of file is not allowed to be displayed.";
} else {header("Content-type: " .
$mime[$path_parts[extension
]]);
}
?>