mirror of
https://github.com/friendica/friendica
synced 2024-12-22 14:38:02 +01:00
tell browser not to cache permission denied (private) photos so that after authenticating we don't have to fight the browser - plus more prvgroup work
This commit is contained in:
parent
d5d853f37f
commit
7cfa7a7671
2 changed files with 22 additions and 5 deletions
|
@ -2199,7 +2199,7 @@ function local_delivery($importer,$data) {
|
||||||
if($is_reply) {
|
if($is_reply) {
|
||||||
$community = false;
|
$community = false;
|
||||||
|
|
||||||
if($importer['page-flags'] == PAGE_COMMUNITY) {
|
if($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP ) {
|
||||||
$sql_extra = '';
|
$sql_extra = '';
|
||||||
$community = true;
|
$community = true;
|
||||||
logger('local_delivery: possible community reply');
|
logger('local_delivery: possible community reply');
|
||||||
|
@ -2226,8 +2226,8 @@ function local_delivery($importer,$data) {
|
||||||
if($r && count($r))
|
if($r && count($r))
|
||||||
$is_a_remote_comment = true;
|
$is_a_remote_comment = true;
|
||||||
|
|
||||||
// Does this have the characteristics of a community comment?
|
// Does this have the characteristics of a community or private group comment?
|
||||||
// If it's a reply to a wall post on a community page it's a
|
// If it's a reply to a wall post on a community/prvgroup page it's a
|
||||||
// valid community comment. Also forum_mode makes it valid for sure.
|
// valid community comment. Also forum_mode makes it valid for sure.
|
||||||
// If neither, it's not.
|
// If neither, it's not.
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,8 @@ function photo_init(&$a) {
|
||||||
}
|
}
|
||||||
}*/
|
}*/
|
||||||
|
|
||||||
|
$prvcachecontrol = false;
|
||||||
|
|
||||||
switch($a->argc) {
|
switch($a->argc) {
|
||||||
case 4:
|
case 4:
|
||||||
$person = $a->argv[3];
|
$person = $a->argv[3];
|
||||||
|
@ -134,6 +136,7 @@ function photo_init(&$a) {
|
||||||
);
|
);
|
||||||
if(count($r)) {
|
if(count($r)) {
|
||||||
$data = file_get_contents('images/nosign.jpg');
|
$data = file_get_contents('images/nosign.jpg');
|
||||||
|
$prvcachecontrol = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -179,8 +182,22 @@ function photo_init(&$a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
header("Content-type: image/jpeg");
|
header("Content-type: image/jpeg");
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
|
|
||||||
header("Cache-Control: max-age=" . (3600*24));
|
if($prvcachecontrol) {
|
||||||
|
|
||||||
|
// it is a private photo that they have no permission to view.
|
||||||
|
// tell the browser not to cache it, in case they authenticate
|
||||||
|
// and subsequently have permission to see it
|
||||||
|
|
||||||
|
header("Cache-Control: no-store, no-cache, must-revalidate");
|
||||||
|
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
|
||||||
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
|
||||||
|
header("Cache-Control: max-age=" . (3600*24));
|
||||||
|
|
||||||
|
}
|
||||||
echo $data;
|
echo $data;
|
||||||
killme();
|
killme();
|
||||||
// NOTREACHED
|
// NOTREACHED
|
||||||
|
|
Loading…
Reference in a new issue