fotos.php:

[code]
<?php
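           // Build the album index: one link per entry found in the "fotos" directory.
           // The list starts empty so that sorting and looping below still work
           // when the directory is missing or unreadable.
           $filelist = array();
           $dir = is_dir("fotos") ? opendir("fotos") : false;
           if ($dir !== false)
           {
               // Compare against false explicitly: an entry named "0" is a valid
               // name and must not end the loop.
               while (($file = readdir($dir)) !== false)
               {
                   if ($file !== ".." && $file !== ".")
                   {
                       $filelist[] = $file;
                   }
               }
               closedir($dir);
           }
           asort($filelist);
           // foreach replaces list()/each(); each() no longer exists in PHP 8.
           foreach ($filelist as $val)
           {
               // Directory entry names are not trusted markup: they can contain
               // quotes, angle brackets, '&', '#' or spaces. Encode the name once
               // for the query string and once for the HTML context so that a
               // crafted name cannot inject markup or break the link.
               $href  = htmlspecialchars("show.php?map=" . rawurlencode($val), ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
               $label = htmlspecialchars($val, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
               echo "<a href=\"$href\">$label</a>" . "<p>";
           }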
           ?>
[/code]

show.php:

[code]
<?php

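error_reporting(E_ALL);

// "map" comes straight from the query string, so treat it as untrusted:
// it may be absent, an array (map[]=x), or contain traversal sequences.
$map = (isset($_GET['map']) && is_string($_GET['map'])) ? $_GET['map'] : '';

// Resolve the requested directory and confirm it really lives under "fotos".
// The ".." test is kept as a first filter; realpath() additionally resolves
// symlinks and any other path trickery before the containment check.
$base = realpath('fotos');
$target = false;
if ($base !== false && strpos($map, "\0") === false && !preg_match('/\.\./', $map)) {
    $target = realpath($base . DIRECTORY_SEPARATOR . $map);
}

// Appending the separator to both sides prevents a sibling such as
// "fotos2" from passing a plain prefix comparison against "fotos".
$inside = $target !== false
    && is_dir($target)
    && strncmp($target . DIRECTORY_SEPARATOR, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) === 0;

if (!$inside) {

    echo "Geen toegang";

} else {

    // Build the URL path segment by segment. HTML-encoding is applied only at
    // output time; the filesystem lookup above uses the raw, validated value.
    $segments = array('fotos');
    foreach (explode('/', $map) as $part) {
        if ($part !== '') {
            $segments[] = rawurlencode($part);
        }
    }
    $maindir = implode('/', $segments) . '/';

    $handle = opendir($target);
    if ($handle !== false) {
        // Strict comparison so an entry named "0" does not stop the listing.
        while (($file = readdir($handle)) !== false) {
            // eregi() was removed in PHP 7. The pattern is also anchored to the
            // end of the name with an escaped dot, so only real image
            // extensions match (not e.g. "notes-jpg.txt").
            if (preg_match('/\.(jpe?g|gif|bmp|png)$/i', $file)) {
                // File names are escaped for the attribute context to keep a
                // crafted name from injecting markup into the page.
                $url = htmlspecialchars($maindir . rawurlencode($file), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                echo '<A href="' . $url . '" target ="_blank"><img src="' . $url . '" width="250" height="250" border="0" /></a>';
            }
        }
        closedir($handle);
    }
}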
?> 
[/code]