This is a bit of security to prevent people looking at other folders you do not want them looking into.
$allowedFolders =array( 'r1','r2','r5' );
Here is a link to GET in the php manual
Is checking the folder you are getting the images from is allowed to be accessed.
!empty( $_GET['id'] ) // if the folder I'd is specified
&& in_array( $_GET['id'],$allowedFolders ) // and folder is allowed
You need a lot more code than you have posted; as I said that is just a basic bit of security checking.
As I said depending on what you want to do dictates what you do next.
If I was you I would check out some ready made code on Hotscripts.