X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphoto.php;h=0d60282d5ffc19f7fa39d93f9edfb12722ba25dc;hb=8f6e9fa65e252b4b630642ccdbccb06f35ab176f;hp=7783b6a256f5a4c723f1454dd4b424d458775174;hpb=de75d8ca7f3179fabcec1c954b92bce10080bfba;p=friendica.git diff --git a/mod/photo.php b/mod/photo.php index 7783b6a256..0d60282d5f 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -72,7 +72,7 @@ function photo_init(&$a) { $uid = str_replace(array('.jpg','.png'),array('',''), $person); - $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", + $r = qu("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", intval($resolution), intval($uid) ); @@ -102,7 +102,7 @@ function photo_init(&$a) { } // check if the photo exists and get the owner of the photo - $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", + $r = qu("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", dbesc($photo), intval($resolution) ); @@ -112,7 +112,7 @@ function photo_init(&$a) { // Now we'll see if we can access the photo - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", + $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", dbesc($photo), intval($resolution) ); @@ -120,16 +120,16 @@ function photo_init(&$a) { $public = ($r[0]['allow_cid'] == '') AND ($r[0]['allow_gid'] == '') AND ($r[0]['deny_cid'] == '') AND ($r[0]['deny_gid'] == ''); if(count($r)) { - $resolution = $r[0]['scale']; + $resolution = $r[0]['scale']; $data = $r[0]['data']; $mimetype = $r[0]['type']; - } - else { - // The picure exists. We already checked with the first query. - // obviously, this is not an authorized viev! - $data = file_get_contents('images/nosign.jpg'); - $mimetype = 'image/jpeg'; - $prvcachecontrol = true; + } else { + // The picure exists. We already checked with the first query. + // obviously, this is not an authorized viev! + $data = file_get_contents('images/nosign.jpg'); + $mimetype = 'image/jpeg'; + $prvcachecontrol = true; + $public = false; } } } @@ -197,12 +197,13 @@ function photo_init(&$a) { // If the photo is public and there is an existing photo directory store the photo there if ($public and ($file != "")) { // If the photo path isn't there, try to create it - if (!is_dir($_SERVER["DOCUMENT_ROOT"]."/photo")) - if (is_writable($_SERVER["DOCUMENT_ROOT"])) - mkdir($_SERVER["DOCUMENT_ROOT"]."/photo"); + $basepath = $a->get_basepath(); + if (!is_dir($basepath."/photo")) + if (is_writable($basepath)) + mkdir($basepath."/photo"); - if (is_dir($_SERVER["DOCUMENT_ROOT"]."/photo")) - file_put_contents($_SERVER["DOCUMENT_ROOT"]."/photo/".$file, $data); + if (is_dir($basepath."/photo")) + file_put_contents($basepath."/photo/".$file, $data); } killme();