|
|
@@ -5,7 +5,7 @@
|
|
|
<body>
|
|
|
<?php
|
|
|
|
|
|
- $CONFIG = array( // TODO: check if still in one of these dirs to prevent escaping to other files
|
|
|
+ $CONFIG = array(
|
|
|
"paths" => array(
|
|
|
"/media/Serien",
|
|
|
"/media/Filme"
|
|
|
@@ -34,17 +34,21 @@
|
|
|
$list = array_diff($list, array('.'));
|
|
|
foreach($list as $object) {
|
|
|
if($object == "..") {
|
|
|
- $paths = explode('/', $_GET['path']);
|
|
|
- $paths = array_diff($paths, array($paths[sizeof($paths) - 1]));
|
|
|
- $pathv = "";
|
|
|
- foreach($paths as $key => $path) {
|
|
|
- if($key == sizeof($paths) - 1) {
|
|
|
- $pathv .= $path;
|
|
|
- } else {
|
|
|
- $pathv .= $path . "/";
|
|
|
+ if(in_array($_GET['path'], $CONFIG['paths'])) {
|
|
|
+ echo "<a href=\"?path=\">Home</a><br>";
|
|
|
+ } else {
|
|
|
+ $paths = explode('/', $_GET['path']);
|
|
|
+ $paths = array_diff($paths, array($paths[sizeof($paths) - 1]));
|
|
|
+ $pathv = "";
|
|
|
+ foreach($paths as $key => $path) {
|
|
|
+ if($key == sizeof($paths) - 1) {
|
|
|
+ $pathv .= $path;
|
|
|
+ } else {
|
|
|
+ $pathv .= $path . "/";
|
|
|
+ }
|
|
|
}
|
|
|
+ echo "<a href=\"?path=" . $pathv . "\">" . $object . "</a><br>";
|
|
|
}
|
|
|
- echo "<a href=\"?path=" . $pathv . "\">" . $object . "</a><br>";
|
|
|
} else {
|
|
|
echo "<a href=\"?path=" . $_GET['path'] . "/" . $object . "\">" . $object . "</a><br>";
|
|
|
}
|
|
|
@@ -61,8 +65,7 @@
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- $mime = finfo_file(finfo_open(FILEINFO_MIME), $_GET['path']);
|
|
|
- $mime = explode(';', $mime);
|
|
|
+ $mime = explode(';', finfo_file(finfo_open(FILEINFO_MIME), $_GET['path']));
|
|
|
|
|
|
echo "<a href=\"?path=" . $pathv . "\">Back</a><br>";
|
|
|
echo "<video width=\"auto\" height=\"auto\" controls>";
|
|
|
@@ -71,7 +74,6 @@
|
|
|
echo "</video>";
|
|
|
}
|
|
|
}
|
|
|
-
|
|
|
?>
|
|
|
</body>
|
|
|
</html>
|
