Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca

  1. <?php
  2. require_once('include/security.php');
  3. require_once('include/Photo.php');
  4. function photo_init(App $a) {
  5. global $_SERVER;
  6. $prvcachecontrol = false;
  7. $file = "";
  8. switch($a->argc) {
  9. case 4:
  10. $person = $a->argv[3];
  11. $customres = intval($a->argv[2]);
  12. $type = $a->argv[1];
  13. break;
  14. case 3:
  15. $person = $a->argv[2];
  16. $type = $a->argv[1];
  17. break;
  18. case 2:
  19. $photo = $a->argv[1];
  20. $file = $photo;
  21. break;
  22. case 1:
  23. default:
  24. killme();
  25. // NOTREACHED
  26. }
  27. // strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= filemtime($localFileName)) {
  28. if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
  29. header('HTTP/1.1 304 Not Modified');
  30. header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
  31. header('Etag: '.$_SERVER['HTTP_IF_NONE_MATCH']);
  32. header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
  33. header("Cache-Control: max-age=31536000");
  34. if(function_exists('header_remove')) {
  35. header_remove('Last-Modified');
  36. header_remove('Expires');
  37. header_remove('Cache-Control');
  38. }
  39. exit;
  40. }
  41. $default = 'images/person-175.jpg';
  42. if(isset($type)) {
  43. /**
  44. * Profile photos
  45. */
  46. switch($type) {
  47. case 'profile':
  48. case 'custom':
  49. $resolution = 4;
  50. break;
  51. case 'micro':
  52. $resolution = 6;
  53. $default = 'images/person-48.jpg';
  54. break;
  55. case 'avatar':
  56. default:
  57. $resolution = 5;
  58. $default = 'images/person-80.jpg';
  59. break;
  60. }
  61. $uid = str_replace(array('.jpg','.png'),array('',''), $person);
  62. $r = qu("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
  63. intval($resolution),
  64. intval($uid)
  65. );
  66. if (dbm::is_result($r)) {
  67. $data = $r[0]['data'];
  68. $mimetype = $r[0]['type'];
  69. }
  70. if(! isset($data)) {
  71. $data = file_get_contents($default);
  72. $mimetype = 'image/jpeg';
  73. }
  74. }
  75. else {
  76. /**
  77. * Other photos
  78. */
  79. $resolution = 0;
  80. foreach( Photo::supportedTypes() as $m=>$e){
  81. $photo = str_replace(".$e",'',$photo);
  82. }
  83. if(substr($photo,-2,1) == '-') {
  84. $resolution = intval(substr($photo,-1,1));
  85. $photo = substr($photo,0,-2);
  86. }
  87. // check if the photo exists and get the owner of the photo
  88. $r = qu("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
  89. dbesc($photo),
  90. intval($resolution)
  91. );
  92. if (dbm::is_result($r)) {
  93. $sql_extra = permissions_sql($r[0]['uid']);
  94. // Now we'll see if we can access the photo
  95. $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
  96. dbesc($photo),
  97. intval($resolution)
  98. );
  99. $public = (dbm::is_result($r)) AND ($r[0]['allow_cid'] == '') AND ($r[0]['allow_gid'] == '') AND ($r[0]['deny_cid'] == '') AND ($r[0]['deny_gid'] == '');
  100. if (dbm::is_result($r)) {
  101. $resolution = $r[0]['scale'];
  102. $data = $r[0]['data'];
  103. $mimetype = $r[0]['type'];
  104. } else {
  105. // The picure exists. We already checked with the first query.
  106. // obviously, this is not an authorized viev!
  107. $data = file_get_contents('images/nosign.jpg');
  108. $mimetype = 'image/jpeg';
  109. $prvcachecontrol = true;
  110. $public = false;
  111. }
  112. }
  113. }
  114. if(! isset($data)) {
  115. if(isset($resolution)) {
  116. switch($resolution) {
  117. case 4:
  118. $data = file_get_contents('images/person-175.jpg');
  119. $mimetype = 'image/jpeg';
  120. break;
  121. case 5:
  122. $data = file_get_contents('images/person-80.jpg');
  123. $mimetype = 'image/jpeg';
  124. break;
  125. case 6:
  126. $data = file_get_contents('images/person-48.jpg');
  127. $mimetype = 'image/jpeg';
  128. break;
  129. default:
  130. killme();
  131. // NOTREACHED
  132. break;
  133. }
  134. }
  135. }
  136. // Resize only if its not a GIF
  137. if ($mime != "image/gif") {
  138. $ph = new Photo($data, $mimetype);
  139. if($ph->is_valid()) {
  140. if(isset($customres) && $customres > 0 && $customres < 500) {
  141. $ph->scaleImageSquare($customres);
  142. }
  143. $data = $ph->imageString();
  144. $mimetype = $ph->getType();
  145. }
  146. }
  147. if(function_exists('header_remove')) {
  148. header_remove('Pragma');
  149. header_remove('pragma');
  150. }
  151. header("Content-type: ".$mimetype);
  152. if($prvcachecontrol) {
  153. // it is a private photo that they have no permission to view.
  154. // tell the browser not to cache it, in case they authenticate
  155. // and subsequently have permission to see it
  156. header("Cache-Control: no-store, no-cache, must-revalidate");
  157. }
  158. else {
  159. header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
  160. header('Etag: "'.md5($data).'"');
  161. header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
  162. header("Cache-Control: max-age=31536000");
  163. }
  164. echo $data;
  165. // If the photo is public and there is an existing photo directory store the photo there
  166. if ($public and ($file != "")) {
  167. // If the photo path isn't there, try to create it
  168. $basepath = $a->get_basepath();
  169. if (!is_dir($basepath."/photo"))
  170. if (is_writable($basepath))
  171. mkdir($basepath."/photo");
  172. if (is_dir($basepath."/photo"))
  173. file_put_contents($basepath."/photo/".$file, $data);
  174. }
  175. killme();
  176. // NOTREACHED
  177. }