3 require_once('include/security.php');
5 function photo_init(&$a) {
21 $default = 'images/default-profile.jpg';
36 $default = 'images/default-profile-mm.jpg';
41 $default = 'images/default-profile-sm.jpg';
45 $uid = str_replace('.jpg', '', $person);
47 $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
52 $data = $r[0]['data'];
55 $data = file_get_contents($default);
65 $photo = str_replace('.jpg','',$photo);
67 if(substr($photo,-2,1) == '-') {
68 $resolution = intval(substr($photo,-1,1));
69 $photo = substr($photo,0,-2);
72 $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
78 $sql_extra = permissions_sql($r[0]['uid']);
80 // Now we'll see if we can access the photo
82 $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d $sql_extra LIMIT 1",
88 $data = $r[0]['data'];
92 // Does the picture exist? It may be a remote person with no credentials,
93 // but who should otherwise be able to view it. Show a default image to let
94 // them know permissions was denied. It may be possible to view the image
95 // through an authenticated profile visit.
96 // There won't be many completely unauthorised people seeing this because
97 // they won't have the photo link, so there's a reasonable chance that the person
98 // might be able to obtain permission to view it.
100 $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
105 $data = file_get_contents('images/nosign.jpg');
116 header("Content-type: image/jpeg");