3 require_once('include/security.php');
5 function photo_init(&$a) {
10 $customres = intval($a->argv[2]);
14 $person = $a->argv[2];
26 $default = 'images/default-profile.jpg';
42 $default = 'images/default-profile-mm.jpg';
47 $default = 'images/default-profile-sm.jpg';
51 $uid = str_replace('.jpg', '', $person);
53 $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
58 $data = $r[0]['data'];
61 $data = file_get_contents($default);
71 $photo = str_replace('.jpg','',$photo);
73 if(substr($photo,-2,1) == '-') {
74 $resolution = intval(substr($photo,-1,1));
75 $photo = substr($photo,0,-2);
78 $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
84 $sql_extra = permissions_sql($r[0]['uid']);
86 // Now we'll see if we can access the photo
88 $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d $sql_extra LIMIT 1",
94 $data = $r[0]['data'];
98 // Does the picture exist? It may be a remote person with no credentials,
99 // but who should otherwise be able to view it. Show a default image to let
100 // them know permissions was denied. It may be possible to view the image
101 // through an authenticated profile visit.
102 // There won't be many completely unauthorised people seeing this because
103 // they won't have the photo link, so there's a reasonable chance that the person
104 // might be able to obtain permission to view it.
106 $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
111 $data = file_get_contents('images/nosign.jpg');
122 if(intval($customres) && $customres > 0 && $customres < 500) {
123 require_once('include/Photo.php');
124 $ph = new Photo($data);
125 if($ph->is_valid()) {
126 $ph->scaleImageSquare($customres);
127 $data = $ph->imageString();
131 header("Content-type: image/jpeg");