mod/photo.php

   1 <?php
   2
   3 use Friendica\App;
   4 use Friendica\Database\DBM;
   5
   6 require_once('include/security.php');
   7 require_once('include/Photo.php');
   8
   9 function photo_init(App $a) {
  10         global $_SERVER;
  11
  12         $prvcachecontrol = false;
  13         $file = "";
  14
  15         switch ($a->argc) {
  16                 case 4:
  17                         $person = $a->argv[3];
  18                         $customres = intval($a->argv[2]);
  19                         $type = $a->argv[1];
  20                         break;
  21                 case 3:
  22                         $person = $a->argv[2];
  23                         $type = $a->argv[1];
  24                         break;
  25                 case 2:
  26                         $photo = $a->argv[1];
  27                         $file = $photo;
  28                         break;
  29                 case 1:
  30                 default:
  31                         killme();
  32                         // NOTREACHED
  33         }
  34
  35         if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
  36                 header('HTTP/1.1 304 Not Modified');
  37                 header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
  38                 header('Etag: '.$_SERVER['HTTP_IF_NONE_MATCH']);
  39                 header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
  40                 header("Cache-Control: max-age=31536000");
  41                 if (function_exists('header_remove')) {
  42                         header_remove('Last-Modified');
  43                         header_remove('Expires');
  44                         header_remove('Cache-Control');
  45                 }
  46                 exit;
  47         }
  48
  49         $default = 'images/person-175.jpg';
  50
  51         if (isset($type)) {
  52
  53                 /**
  54                  * Profile photos
  55                  */
  56
  57                 switch ($type) {
  58
  59                         case 'profile':
  60                         case 'custom':
  61                                 $resolution = 4;
  62                                 break;
  63                         case 'micro':
  64                                 $resolution = 6;
  65                                 $default = 'images/person-48.jpg';
  66                                 break;
  67                         case 'avatar':
  68                         default:
  69                                 $resolution = 5;
  70                                 $default = 'images/person-80.jpg';
  71                                 break;
  72                 }
  73
  74                 $uid = str_replace(array('.jpg', '.png', '.gif'), array('', '', ''), $person);
  75
  76                 foreach (Photo::supportedTypes() AS $m => $e) {
  77                         $uid = str_replace('.'.$e, '', $uid);
  78                 }
  79
  80                 $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
  81                         intval($resolution),
  82                         intval($uid)
  83                 );
  84                 if (DBM::is_result($r)) {
  85                         $data = $r[0]['data'];
  86                         $mimetype = $r[0]['type'];
  87                 }
  88                 if (empty($data)) {
  89                         $data = file_get_contents($default);
  90                         $mimetype = 'image/jpeg';
  91                 }
  92         } else {
  93
  94                 /**
  95                  * Other photos
  96                  */
  97
  98                 $resolution = 0;
  99                 $photo = str_replace(array('.jpg', '.png', '.gif'), array('', '', ''), $photo);
 100
 101                 foreach (Photo::supportedTypes() AS $m => $e) {
 102                         $photo = str_replace('.'.$e, '', $photo);
 103                 }
 104
 105                 if (substr($photo, -2, 1) == '-') {
 106                         $resolution = intval(substr($photo, -1, 1));
 107                         $photo = substr($photo, 0, -2);
 108                 }
 109
 110                 // check if the photo exists and get the owner of the photo
 111                 $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
 112                         dbesc($photo),
 113                         intval($resolution)
 114                 );
 115                 if (DBM::is_result($r)) {
 116
 117                         $sql_extra = permissions_sql($r[0]['uid']);
 118
 119                         // Now we'll see if we can access the photo
 120
 121                         $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
 122                                 dbesc($photo),
 123                                 intval($resolution)
 124                         );
 125
 126                         $public = (DBM::is_result($r)) && ($r[0]['allow_cid'] == '') && ($r[0]['allow_gid'] == '') && ($r[0]['deny_cid']  == '') && ($r[0]['deny_gid']  == '');
 127
 128                         if (DBM::is_result($r)) {
 129                                 $resolution = $r[0]['scale'];
 130                                 $data = $r[0]['data'];
 131                                 $mimetype = $r[0]['type'];
 132                         } else {
 133                                 // The picure exists. We already checked with the first query.
 134                                 // obviously, this is not an authorized viev!
 135                                 $data = file_get_contents('images/nosign.jpg');
 136                                 $mimetype = 'image/jpeg';
 137                                 $prvcachecontrol = true;
 138                                 $public = false;
 139                         }
 140                 }
 141         }
 142
 143         if (empty($data)) {
 144                 if (isset($resolution)) {
 145                         switch ($resolution) {
 146
 147                                 case 4:
 148                                         $data = file_get_contents('images/person-175.jpg');
 149                                         $mimetype = 'image/jpeg';
 150                                         break;
 151                                 case 5:
 152                                         $data = file_get_contents('images/person-80.jpg');
 153                                         $mimetype = 'image/jpeg';
 154                                         break;
 155                                 case 6:
 156                                         $data = file_get_contents('images/person-48.jpg');
 157                                         $mimetype = 'image/jpeg';
 158                                         break;
 159                                 default:
 160                                         killme();
 161                                         // NOTREACHED
 162                                         break;
 163                         }
 164                 }
 165         }
 166
 167         // Resize only if its not a GIF and it is supported by the library
 168         if (($mimetype != "image/gif") && in_array($mimetype, Photo::supportedTypes())) {
 169                 $ph = new Photo($data, $mimetype);
 170                 if ($ph->is_valid()) {
 171                         if (isset($customres) && $customres > 0 && $customres < 500) {
 172                                 $ph->scaleImageSquare($customres);
 173                         }
 174                         $data = $ph->imageString();
 175                         $mimetype = $ph->getType();
 176                 }
 177         }
 178
 179         if (function_exists('header_remove')) {
 180                 header_remove('Pragma');
 181                 header_remove('pragma');
 182         }
 183
 184         header("Content-type: ".$mimetype);
 185
 186         if ($prvcachecontrol) {
 187
 188                 // it is a private photo that they have no permission to view.
 189                 // tell the browser not to cache it, in case they authenticate
 190                 // and subsequently have permission to see it
 191
 192                 header("Cache-Control: no-store, no-cache, must-revalidate");
 193
 194         } else {
 195                 header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
 196                 header('Etag: "'.md5($data).'"');
 197                 header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
 198                 header("Cache-Control: max-age=31536000");
 199         }
 200         echo $data;
 201
 202         // If the photo is public and there is an existing photo directory store the photo there
 203         if ($public and ($file != "")) {
 204                 // If the photo path isn't there, try to create it
 205                 $basepath = $a->get_basepath();
 206                 if (!is_dir($basepath."/photo")) {
 207                         if (is_writable($basepath)) {
 208                                 mkdir($basepath."/photo");
 209                         }
 210                 }
 211
 212                 if (is_dir($basepath."/photo")) {
 213                         file_put_contents($basepath."/photo/".$file, $data);
 214                 }
 215         }
 216
 217         killme();
 218         // NOTREACHED
 219 }