====== Modifications apportées à MiniGal Nano ======

Voici le diff (-u) des fichiers avec le détail de ce que j'ai modifié entre la version officielle de MiniGal Nano 0.3.5 et la mienne (0.3.5 SSE2).

===== .htaccess =====
Fichier ajouté.
<file htaccess config.diff>Options -Indexes </file>

===== config.php =====
<file diff config.diff>
--- config.php.original	Mon Dec 06 10:43:00 2010
+++ config.php	Wed Dec 01 12:08:06 2010
@@ -16,12 +16,12 @@
 */
 
 // EDIT SETTINGS BELOW TO CUSTOMIZE YOUR GALLERY
-$thumbs_pr_page 		= "28"; //Number of thumbnails on a single page
+$thumbs_pr_page 		= "21"; //Number of thumbnails on a single page
 $gallery_width 			= "900px"; //Gallery width. Eg: "500px" or "70%"
 $backgroundcolor 		= "white"; //This provides a quick way to change your gallerys background to suit your website. Use either main colors like "black", "white", "yellow" etc. Or HEX colors, eg. "#AAAAAA"
-$templatefile 			= "mano"; //Template filename (must be placed in 'templates' folder)
-$title 					= "MiniGal Nano Testsite"; // Text to be displayed in browser titlebar
-$author 				= "Rybber";
+$templatefile 			= "darkgold2"; //Template filename (must be placed in 'templates' folder)
+$title 					= "My Gallery"; // Text to be displayed in browser titlebar
+$author 				= "Me :)";
 $folder_color 			= "black"; // Color of folder icons: blue / black / vista / purple / green / grey
 $sorting_folders		= "name"; // Sort folders by: [name][date]
 $sorting_files			= "name"; // Sort files by: [name][date][size]
@@ -39,5 +39,5 @@
 //ADVANCED SETTINGS
 $thumb_size 			= 120; //Thumbnail height/width (square thumbs). Changing this will most likely require manual altering of the template file to make it look properly! 
 $label_max_length 		= 30; //Maximum chars of a folder name that will be displayed on the folder thumbnail  
-$display_exif			= 1;
+$display_exif			= 0;
 ?>
</file>
===== config_default.php =====

<file diff config_default.diff>
--- config_default.php.original	Sun Nov 28 23:36:00 2010
+++ config_default.php	Wed Dec 01 12:08:06 2010
@@ -16,10 +16,10 @@
 */
 
 // EDIT SETTINGS BELOW TO CUSTOMIZE YOUR GALLERY
-$thumbs_pr_page 		= "18"; //Number of thumbnails on a single page
+$thumbs_pr_page 		= "21"; //Number of thumbnails on a single page
 $gallery_width 			= "900px"; //Gallery width. Eg: "500px" or "70%"
 $backgroundcolor 		= "white"; //This provides a quick way to change your gallerys background to suit your website. Use either main colors like "black", "white", "yellow" etc. Or HEX colors, eg. "#AAAAAA"
-$templatefile 			= "mano"; //Template filename (must be placed in 'templates' folder)
+$templatefile 			= "darkgold2"; //Template filename (must be placed in 'templates' folder)
 $title 					= "My Gallery"; // Text to be displayed in browser titlebar
 $author 				= "Me :)";
 $folder_color 			= "black"; // Color of folder icons: blue / black / vista / purple / green / grey
</file>
===== createthumb.php =====

<file diff createthumb.diff>
--- createthumb.php.original	Mon Dec 06 10:45:00 2010
+++ createthumb.php	Wed Dec 08 19:54:34 2010
@@ -14,16 +14,62 @@
 
 Please enjoy this free script!
 
+Version 0.3.5 modified by Sebastien SAUVAGE (sebsauvage.net):
+   - Added thumbnail cache (reduces server CPU load, server bandwith and speeds up client page display).
+   - Thumbnails are now always in JPEG even if the source image is PNG or GIF.
 
 USAGE EXAMPLE:
 File: createthumb.php
 Example: <img src="createthumb.php?filename=photo.jpg&amp;width=100&amp;height=100">
 */
 //	error_reporting(E_ALL);
-
+	error_reporting(0);
+/*
 if (preg_match("/.jpg$|.jpeg$/i", $_GET['filename'])) header('Content-type: image/jpeg');
 if (preg_match("/.gif$/i", $_GET['filename'])) header('Content-type: image/gif');
 if (preg_match("/.png$/i", $_GET['filename'])) header('Content-type: image/png');
+*/
+
+function str_split_php4( $text, $split = 1 ) {
+    // place each character of the string into and array
+    $array = array();
+    for ( $i=0; $i < strlen( $text ); ){
+        $key = NULL;
+        for ( $j = 0; $j < $split; $j++, $i++ ) {
+            $key .= $text[$i];
+        }
+        array_push( $array, $key );
+    }
+    return $array;
+}
+
+function sanitize($name)
+{
+// Sanitize image filename (taken from http://iamcam.wordpress.com/2007/03/20/clean-file-names-using-php-preg_replace/ )
+$fname=$name;
+$replace="_";
+$pattern="/([[:alnum:]_\.-]*)/";
+$fname=str_replace(str_split_php4(preg_replace($pattern,$replace,$fname)),$replace,$fname);
+return $fname;
+}
+
+// Make sure the "thumbs" directory exists.
+if (!is_dir('thumbs')) { mkdir('thumbs',0700); }
+
+// Thumbnail file name and path.
+// (We always put thumbnails in jpg for simplification)
+$thumbname = 'thumbs/'.sanitize($_GET['filename']).'.jpg';
+
+if (file_exists($thumbname))  // If thumbnail exists, serve it.
+{
+    $fd = fopen($thumbname, "r");
+    $cacheContent = fread($fd,filesize ($thumbname));
+    fclose($fd);
+    header('Content-type: image/jpeg');
+    echo($cacheContent);
+}
+else // otherwise, generate thumbnail, send it and save it to file.
+{
 
 	// Display error image if file isn't found
 	if (!is_file($_GET['filename'])) {
@@ -82,11 +128,19 @@
          imagecopyresampled($target,$source,0,0,$xoord,$yoord,$_GET['size'],$_GET['size'],$width,$height);
 		 imagedestroy($source);
 
-         if (preg_match("/.jpg$/i", $_GET['filename'])) ImageJPEG($target,null,90);
-         if (preg_match("/.gif$/i", $_GET['filename'])) ImageGIF($target,null,90);
-         if (preg_match("/.png$/i", $_GET['filename'])) ImageJPEG($target,null,90); // Using ImageJPEG on purpose
+         //if (preg_match("/.jpg$/i", $_GET['filename'])) ImageJPEG($target,null,90);
+         //if (preg_match("/.gif$/i", $_GET['filename'])) ImageGIF($target,null,90);
+         //if (preg_match("/.png$/i", $_GET['filename'])) ImageJPEG($target,null,90); // Using ImageJPEG on purpose
+         ob_start(); // Start output buffering.
+         header('Content-type: image/jpeg'); // We always render the thumbnail in JPEG even if the source is GIF or PNG.
+		 ImageJPEG($target,null,90);
          imagedestroy($target);
+		 
+		 $cachedImage = ob_get_contents(); // Get the buffer content.
+         ob_end_flush();// End buffering
+         $fd = fopen($thumbname, "w"); // Save buffer to disk
+         if ($fd) { fwrite($fd,$cachedImage); fclose($fd); }
 
-
+}
 
 ?>
</file>

===== index.php =====

<file diff index.diff>
--- index.php.original	Mon Dec 06 10:22:00 2010
+++ index.php	Wed Dec 15 09:35:44 2010
@@ -13,17 +13,24 @@
 Community: www.minigal.dk/forum
 
 Please enjoy this free script!
-*/
 
+
+Version 0.3.5 modified by Sebastien SAUVAGE (sebsauvage.net):
+  - Disabled new version check (problems on some servers)
+  - Disabled error reporting
+  - Added gallery comment (create comment.html in each directory)
+  - security update against XSS
+  
+*/
 // Do not edit below this section unless you know what you are doing!
 
 
 //-----------------------
 // Debug stuff
 //-----------------------
-	error_reporting(E_ERROR);
+//	error_reporting(E_ERROR);
 //	error_reporting(E_ALL);
-//	error_reporting(0);
+	error_reporting(0);
 /*
 	$mtime = microtime();
 	$mtime = explode(" ",$mtime);
@@ -46,6 +53,8 @@
 $images = "";
 $exif_data = "";
 $messages = "";
+$comment = "";
+
 
 //-----------------------
 // PHP ENVIRONMENT CHECK
@@ -126,14 +135,14 @@
 //-----------------------
 // CHECK FOR NEW VERSION
 //-----------------------
-if (ini_get('allow_url_fopen') == "1") {
-	$file = @fopen ("http://www.minigal.dk/minigalnano_version.php", "r");
-	$server_version = fgets ($file, 1024);
-	if (strlen($server_version) == 5 ) { //If string retrieved is exactly 5 chars then continue
-		if (version_compare($server_version, $version, '>')) $messages = "MiniGal Nano $server_version is available! <a href='http://www.minigal.dk/minigal-nano.html' target='_blank'>Get it now</a>";
-	}
-	fclose($file);
-}
+//if (ini_get('allow_url_fopen') == "1") {
+//	$file = @fopen ("http://www.minigal.dk/minigalnano_version.php", "r");
+//	$server_version = fgets ($file, 1024);
+//	if (strlen($server_version) == 5 ) { //If string retrieved is exactly 5 chars then continue
+//		if (version_compare($server_version, $version, '>')) $messages = "MiniGal Nano $server_version is available! <a href='http://www.minigal.dk/minigal-nano.html' target='_blank'>Get it now</a>";
+//	}
+//	fclose($file);
+//}
 
 if (!defined("GALLERY_ROOT")) define("GALLERY_ROOT", "");
 $thumbdir = rtrim('photos' . "/" .$_REQUEST["dir"],"/");
@@ -238,7 +247,7 @@
      			}   		
 	}
   closedir($handle);
-  } else die("ERROR: Could not open $currentdir for reading!");
+  } else die("ERROR: Could not open ".htmlspecialchars(stripslashes($currentdir))." for reading!");
 
 //-----------------------
 // SORT FILES AND FOLDERS
@@ -369,12 +378,22 @@
 $messages = "<div id=\"topbar\">" . $messages . " <a href=\"#\" onclick=\"document.getElementById('topbar').style.display = 'none';\";><img src=\"images/close.png\" /></a></div>";
 }
 
+// Read folder comment.
+$comment_filepath = $currentdir . $file . "/comment.html";
+if (file_exists($comment_filepath))
+{
+    $fd = fopen($comment_filepath, "r");
+    $comment = utf8_encode(fread($fd,filesize ($comment_filepath))); // utf8_encode to convert from iso-8859 to UTF-8
+    fclose($fd);
+}
+
+
 //PROCESS TEMPLATE FILE
 	if(GALLERY_ROOT != "") $templatefile = GALLERY_ROOT . "templates/integrate.html";
 	else $templatefile = "templates/" . $templatefile . ".html";
 	if(!$fd = fopen($templatefile, "r"))
 	{
-		echo "Template $templatefile not found!";
+		echo "Template ".htmlspecialchars(stripslashes($templatefile))." not found!";
 		exit();
 	}
 	else
@@ -390,6 +409,7 @@
 		$template = preg_replace("/<% thumbnails %>/", "$thumbnails", $template);
 		$template = preg_replace("/<% breadcrumb_navigation %>/", "$breadcrumb_navigation", $template);
 		$template = preg_replace("/<% page_navigation %>/", "$page_navigation", $template);
+		$template = preg_replace("/<% folder_comment %>/", "$comment", $template);
 		$template = preg_replace("/<% bgcolor %>/", "$backgroundcolor", $template);
 		$template = preg_replace("/<% gallery_width %>/", "$gallery_width", $template);
 		$template = preg_replace("/<% version %>/", "$version", $template);
</file>

===== templates/mano.html =====

<file diff mano.diff>
--- mano.html.original	Sun Dec 05 23:36:00 2010
+++ mano.html	Wed Dec 08 20:03:10 2010
@@ -96,6 +96,12 @@
 	vertical-align: middle;
 }
 
+#folder_comment
+{
+ margin-top:10px;
+ margin-left:10px;
+}
+
 /* ---------- gallery styles start here ----------------------- */
 .gallery {
 	list-style: none;
@@ -152,6 +158,7 @@
 <p class="credits"><em>by: </em><% author %></p>
 <span id="breadcrumb_nav"><% breadcrumb_navigation %></span>
 <div id="container">
+<div id="folder_comment"><% folder_comment %></div>
 <ul class="gallery">
 <% thumbnails %>
 </ul>
@@ -161,7 +168,7 @@
 <br />
 <!-- CREDITS - DO NOT REMOVE OR YOU WILL VOID MiniGal Nano TERMS OF USE -->
 <hr id="bottom" />
-<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a></div>
+<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a> <a href="http://sebsauvage.net/wiki/doku.php?id=minigal_nano" >SSE</a></div>
 <br /><br />
 </body>
 </html>
</file>

===== templates/exhibition.html =====

<file diff exhibition.diff>
--- exhibition.html.original	Fri Dec 03 23:39:00 2010
+++ exhibition.html	Wed Dec 08 20:03:00 2010
@@ -98,6 +98,10 @@
 	vertical-align: middle;
 }
 
+#folder_comment
+{
+ margin-bottom:10px;
+}
 /* ---------- gallery styles start here ----------------------- */
 .gallery {
 	list-style: none;
@@ -167,6 +171,7 @@
 <span id="breadcrumb_nav"><% breadcrumb_navigation %></span>
 <br /><br />
 <div id="container">
+<div id="folder_comment"><% folder_comment %></div>
 <ul class="gallery">
 <% thumbnails %>
 </ul>
@@ -175,7 +180,7 @@
 <div id="page_nav"><% page_navigation %></div>
 <br />
 <!-- CREDITS - DO NOT REMOVE OR YOU WILL VOID MiniGal Nano TERMS OF USE -->
-<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a></div>
+<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a> <a href="http://sebsauvage.net/wiki/doku.php?id=minigal_nano" >SSE</a></div>
 <br /><br />
 </body>
 </html>
</file>

===== templates/darkgold2.html =====

Nouveau fichier.

<file html darkgold2.html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title><% title %></title>
	<link rel="stylesheet" href="<% gallery_root %>css/mediaboxAdvWhite.css" type="text/css" media="screen" />
	<link rel="alternate" type="application/rss+xml" title="<% title %>" href="rss/" /><link>
	<script src="<% gallery_root %>js/mootools.js" type="text/javascript"></script>
	<script src="<% gallery_root %>js/mediaboxAdv-1.3.4b.js" type="text/javascript"></script>
<style type="text/css">
body {
	margin: 0 auto;
	padding: 0;
	width: <% gallery_width %>;
	font: 12px Tahoma,Verdana,Arial,Helvetica, sans-serif;
	background: #272727;
	color: #BDBDBD;
}
h1 {
	font: normal 250%/100% "Trebuchet MS",Tahoma,Verdana,Arial,Helvetica, sans-serif;
	margin: 20px 0 5px 0;
	letter-spacing: -1px;
	color: #FFCC11;	
	text-shadow: #000000 2px 2px 2px;
}
.credits {
	border-bottom: solid 1px #434343;
	padding-bottom: 5px;
	margin-bottom: 5px;
	color: #CF8D26;
	font: 100% "Trebuchet MS",Tahoma,Verdana,Arial,Helvetica, sans-serif;
}
.credits em {
	color: #BDBDBD;
    font-style: normal;
    font-style: normal;
}
.backlink a {
	font-size: 10px;
	text-decoration: none;
	color: #666;
}
.backlink a:hover,
.backlink a:visited:hover {
	color: #888;
}
img {
	border: none;
}
#page_nav {
	color: #BDBDBD;
	clear:both;
	text-align: center;
}
#page_nav a:link, #page_nav a:visited, #page_nav a:hover, #page_nav a:visited:hover {
	text-decoration: none;
	color: #FFCC11;
}
#breadcrumb_nav {
	color: #BDBDBD;
	font-weight: bold;
}
#breadcrumb_nav a:link, #breadcrumb_nav a:visited, #breadcrumb_nav a:hover, #breadcrumb_nav a:visited:hover {
	text-decoration: none;
	color: #FFCC11;
}
a {
	color: #FFCC11;
}
#container {
	overflow: auto;
	width: 100%
}
.hidden {
	visibility: hidden;
	position:absolute;
	top:0;
	left:0;
	display:inline;
}
#topbar {
	border-bottom-color: #afafaf;
	border-style: none;
	color: black;
	position: absolute;
	left: 0;
	top: 0;
	margin: 0;
	padding-top: 5px;
	float: none;
	width: 100%;
	height: 25px;
	text-align: center;
	background-color: #FFFF99;
	border-bottom: 1px solid;
}
#topbar a:link, #topbar a:visited, #topbar a:hover, #topbar a:visited:hover {
	text-decoration: underline;
	color: #000;
}
#topbar img{
	position: absolute;
	right: 6;
	top: 6;
	vertical-align: middle;
}

#folder_comment
{
 margin-bottom:10px;
}

#folder_comment a {
	color: #FFCC11;
              text-decoration: none;

}
/* ---------- gallery styles start here ----------------------- */
.gallery {
	list-style: none;
	margin: 0;
	padding: 0;
}
.gallery li {
	padding: 1px;
	margin: 0;
	float: left;
	position: relative;
	width: 120px;
	height: 120px;
	overflow:hidden;
}
.gallery li:hover img {
	background: #ddd;
	filter: alpha(opacity=70);
	filter: progid:DXImageTransform.Microsoft.Alpha(opacity=70);
	-moz-opacity: 0.70;
	opacity:0.7;
}
.gallery img {
	background: #000;
	color: #666;
}
.gallery em {
	background: #000;
	color: #FFCC11;
	font-family: "Trebuchet MS",Tahoma,Verdana,Arial,Helvetica, sans-serif;
	font-style: normal;
	font-weight: bold;
	font-size: 14px;
	padding: 2px 2px;
	display: block;
	position: absolute;
	top: 90px;
	left: 1px;
	width: 116px;
	height: 20px;
	filter: alpha(opacity=60);
	filter: progid:DXImageTransform.Microsoft.Alpha(opacity=60);
	-moz-opacity: 0.60;
	opacity:0.6;
}
.gallery em-pdf {
	color: #666;
	font-style: normal;
	font-size: 10px;
	padding: 3px 7px;
	display: block;
	position: absolute;
	top: 100px;
	left: 0px;
}
.gallery a {
	text-decoration: none;
}
.gallery a:hover em {
	background: grey;
	color: black;
}
</style>
</head>
<body>
<h1><% title %></h1>
<% messages %>
<p class="credits"><em>by: </em><% author %></p>
<span id="breadcrumb_nav"><% breadcrumb_navigation %></span>
<br /><br />
<div id="container">
<div id="folder_comment"><% folder_comment %></div>
<ul class="gallery">
<% thumbnails %>
</ul>
</div>
<br />
<div id="page_nav"><% page_navigation %></div>
<br />
<!-- CREDITS - DO NOT REMOVE OR YOU WILL VOID MiniGal Nano TERMS OF USE -->
<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a> <a href="http://sebsauvage.net/wiki/doku.php?id=minigal_nano" style="color:#aaa;">SSE</a></div>
<br /><br />
</body>
</html>
</file>

===== templates/integrate.html =====

<file html integrate.html>--- integrate.html.original	Wed Nov 17 20:00:00 2010
+++ integrate.html	Wed Dec 08 20:03:06 2010
@@ -70,6 +70,12 @@
 	display:inline;
 }
 
+#folder_comment
+{
+ margin-top:10px;
+ margin-left:10px;
+}
+
 /* ---------- gallery styles start here ----------------------- */
 .gallery {
 	list-style: none;
@@ -135,6 +141,7 @@
 <p class="credits"><em>by:</em> <% author %></p>
 <span id="breadcrumb_nav"><% breadcrumb_navigation %></span>
 <div id="container">
+<div id="folder_comment"><% folder_comment %></div>
 <ul class="gallery">
 <% thumbnails %>
 </ul>
@@ -143,7 +150,7 @@
 <div id="page_nav"><% page_navigation %></div>
 <br />
 <!-- CREDITS - DO NOT REMOVE OR YOU WILL VOID MiniGal Nano TERMS OF USE -->
-<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a></div>
+<div class="backlink" align="center"><a href="http://www.minigal.dk" title="Powered by MiniGal Nano" target="_blank">Powered by MiniGal Nano <% version %></a> <a href="http://sebsauvage.net/wiki/doku.php?id=minigal_nano" >SSE</a></div>
 <br /><br />
 </body>
 </html>
</file>