3 function photo_init(&$a) {
19 $default = 'images/default-profile.jpg';
29 $default = 'images/default-profile-mm.jpg';
34 $default = 'images/default-profile-sm.jpg';
38 $uid = str_replace('.jpg', '', $person);
40 $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
45 $data = $r[0]['data'];
48 $data = file_get_contents($default);
54 $photo = str_replace('.jpg','',$photo);
56 if(substr($photo,-2,1) == '-') {
57 $resolution = intval(substr($photo,-1,1));
58 $photo = substr($photo,0,-2);
61 $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
67 $owner = $r[0]['uid'];
69 $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";
71 if(local_user() && ($owner == $_SESSION['uid'])) {
73 // Owner can always see his/her photos
77 elseif(remote_user()) {
79 // authenticated visitor - here lie dragons
81 $groups = init_groups_visitor($_SESSION['visitor_id']);
82 $gs = '<<>>'; // should be impossible to match
84 foreach($groups as $g)
85 $gs .= '|<' . intval($g) . '>';
89 " AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
90 AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
91 AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
92 AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ",
94 intval($_SESSION['visitor_id']),
95 intval($_SESSION['visitor_id']),
101 // Now we'll see if we can access the photo
103 $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d $sql_extra LIMIT 1",
109 $data = $r[0]['data'];
119 header("Content-type: image/jpeg");