reverse the default newuser privacy setting to public. Sites can over-ride.

[friendica.git] / mod / photo.php

diff --git a/mod/photo.php b/mod/photo.php
index ec53af899625e854048b9a0765ce1899a54a6c70..dee483d835bbda6479376d21a0c5a603f9cf29b1 100644 (file)
--- a/mod/photo.php
+++ b/mod/photo.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once('include/security.php');
+require_once('include/Photo.php');
 
 function photo_init(&$a) {
 
@@ -28,6 +29,8 @@ function photo_init(&$a) {
                }
        }*/
 
+       $prvcachecontrol = false;
+
        switch($a->argc) {
                case 4:
                        $person = $a->argv[3];
@@ -73,7 +76,7 @@ function photo_init(&$a) {
                                break;
                }
 
-               $uid = str_replace('.jpg', '', $person);
+               $uid = str_replace(array('.jpg','.png'),array('',''), $person);
 
                $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
                        intval($resolution),
@@ -81,9 +84,11 @@ function photo_init(&$a) {
                );
                if(count($r)) {
                        $data = $r[0]['data'];
+                       $mimetype = $r[0]['type'];
                }
                if(! isset($data)) {
                        $data = file_get_contents($default);
+                       $mimetype = 'image/jpeg';
                }
        }
        else {
@@ -93,7 +98,9 @@ function photo_init(&$a) {
                 */
 
                $resolution = 0;
-               $photo = str_replace('.jpg','',$photo);
+               foreach( Photo::supportedTypes() as $m=>$e){
+                       $photo = str_replace(".$e",'',$photo);
+               }
        
                if(substr($photo,-2,1) == '-') {
                        $resolution = intval(substr($photo,-1,1));
@@ -117,6 +124,7 @@ function photo_init(&$a) {
 
                        if(count($r)) {
                                $data = $r[0]['data'];
+                               $mimetype = $r[0]['type'];
                        }
                        else {
 
@@ -134,6 +142,8 @@ function photo_init(&$a) {
                                );
                                if(count($r)) {
                                        $data = file_get_contents('images/nosign.jpg');
+                                       $mimetype = 'image/jpeg';
+                                       $prvcachecontrol = true;
                                }
                        }
                }
@@ -145,12 +155,15 @@ function photo_init(&$a) {
 
                                case 4:
                                        $data = file_get_contents('images/person-175.jpg');
+                                       $mimetype = 'image/jpeg';
                                        break;
                                case 5:
                                        $data = file_get_contents('images/person-80.jpg');
+                                       $mimetype = 'image/jpeg';
                                        break;
                                case 6:
                                        $data = file_get_contents('images/person-48.jpg');
+                                       $mimetype = 'image/jpeg';
                                        break;
                                default:
                                        killme();
@@ -161,16 +174,16 @@ function photo_init(&$a) {
        }
 
        if(isset($customres) && $customres > 0 && $customres < 500) {
-               require_once('include/Photo.php');
-               $ph = new Photo($data);
+               $ph = new Photo($data, $mimetype);
                if($ph->is_valid()) {
                        $ph->scaleImageSquare($customres);
                        $data = $ph->imageString();
+                       $mimetype = $ph->getType();
                }
        }
 
        // Writing in cachefile
-       if ($cachefile != '')
+       if (isset($cachefile) && $cachefile != '')
                file_put_contents($cachefile, $data);
 
        if(function_exists('header_remove')) {
@@ -178,9 +191,23 @@ function photo_init(&$a) {
                header_remove('pragma');
        }
 
-       header("Content-type: image/jpeg");
-       header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
-       header("Cache-Control: max-age=" . (3600*24));
+       header("Content-type: ".$mimetype);
+
+       if($prvcachecontrol) {
+
+               // it is a private photo that they have no permission to view.
+               // tell the browser not to cache it, in case they authenticate
+               // and subsequently have permission to see it
+
+               header("Cache-Control: no-store, no-cache, must-revalidate");
+
+       }
+       else {
+
+               header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
+               header("Cache-Control: max-age=" . (3600*24));
+
+       }
        echo $data;
        killme();
        // NOTREACHED