*/
public static function getPhoto($resourceid, $scale = 0)
{
- $r = self::selectFirst(["uid", "allow_cid", "allow_gid", "deny_cid", "deny_gid"], ["resource-id" => $resourceid]);
- if ($r === false) {
+ $r = self::selectFirst(["uid"], ["resource-id" => $resourceid]);
+ if (!DBA::isResult($r)) {
return false;
}
- $uid = $r["uid"];
- // This is the first place, when retrieving just a photo, that we know who owns the photo.
- // Check if the photo is public (empty allow and deny means public), if so, skip auth attempt, if not
- // make sure that the requester's session is appropriately authenticated to that user
- // otherwise permissions checks done by getPermissionsSQLByUserId() won't work correctly
- if (!empty($r["allow_cid"]) || !empty($r["allow_gid"]) || !empty($r["deny_cid"]) || !empty($r["deny_gid"])) {
- $r = DBA::selectFirst("user", ["nickname"], ["uid" => $uid], []);
- // this will either just return (if auth all ok) or will redirect and exit (starting over)
- DFRN::autoRedir(self::getApp(), $r["nickname"]);
- }
+ $uid = $r["uid"];
$sql_acl = Security::getPermissionsSQLByUserId($uid);
- $conditions = [
- "`resource-id` = ? AND `scale` <= ? " . $sql_acl,
- $resourceid, $scale
- ];
-
+ $conditions = ["`resource-id` = ? AND `scale` <= ? " . $sql_acl, $resourceid, $scale];
$params = ["order" => ["scale" => true]];
-
$photo = self::selectFirst([], $conditions, $params);
return $photo;
continue;
}
+ /// @todo Check if $str_contact_allow does contain a public forum. Then set the permissions to public.
+
$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny];
$condition = ['resource-id' => $image_uri, 'uid' => $uid];
$guid = substr($guid, 0, -2);
return $guid;
}
+
+ /**
+ * Tests if the picture link points to a locally stored picture
+ *
+ * @param string $name Picture link
+ * @return boolean
+ * @throws \Exception
+ */
+ public static function isLocal($name)
+ {
+ $guid = self::getGUID($name);
+
+ if (empty($guid)) {
+ return false;
+ }
+
+ return DBA::exists('photo', ['resource-id' => $guid]);
+ }
}