MrPetovan/friendica
2
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

tell browser not to cache permission denied (private) photos so that after authenticating we don't have to fight the browser - plus more prvgroup work

Browse source
This commit is contained in:
friendica 2012-05-17 19:59:46 -07:00
parent d5d853f37f
commit 7cfa7a7671
2 changed files with 22 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
include/items.php
View file

@ -2199,7 +2199,7 @@ function local_delivery($importer,$data) {
if($is_reply) { if($is_reply) {
$community = false; $community = false;
if($importer['page-flags'] == PAGE_COMMUNITY) { if($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP ) {
$sql_extra = ''; $sql_extra = '';
$community = true; $community = true;
logger('local_delivery: possible community reply'); logger('local_delivery: possible community reply');
@ -2226,8 +2226,8 @@ function local_delivery($importer,$data) {
if($r && count($r)) if($r && count($r))
$is_a_remote_comment = true; $is_a_remote_comment = true;
// Does this have the characteristics of a community comment? // Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community page it's a // If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure. // valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not. // If neither, it's not.

21
mod/photo.php
View file

@ -28,6 +28,8 @@ function photo_init(&$a) {
} }
}*/ }*/
$prvcachecontrol = false;
switch($a->argc) { switch($a->argc) {
case 4: case 4:
$person = $a->argv[3]; $person = $a->argv[3];
@ -134,6 +136,7 @@ function photo_init(&$a) {
); );
if(count($r)) { if(count($r)) {
$data = file_get_contents('images/nosign.jpg'); $data = file_get_contents('images/nosign.jpg');
$prvcachecontrol = true;
} }
} }
} }
@ -179,8 +182,22 @@ function photo_init(&$a) {
} }
header("Content-type: image/jpeg"); header("Content-type: image/jpeg");
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
header("Cache-Control: max-age=" . (3600*24)); if($prvcachecontrol) {
// it is a private photo that they have no permission to view.
// tell the browser not to cache it, in case they authenticate
// and subsequently have permission to see it
header("Cache-Control: no-store, no-cache, must-revalidate");
}
else {
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
header("Cache-Control: max-age=" . (3600*24));
}
echo $data; echo $data;
killme(); killme();
// NOTREACHED // NOTREACHED