X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FContact%2FAvatar.php;h=38208a043efe94799dd2c0edda5adf49c98fcf30;hb=65b86fe0d556829c09e8c8f5c707b868ad37dfe1;hp=13a99f91068d0930a0a4a73c9f44b9e243503b08;hpb=cbe4a42906dc40f893825b4d2abf2102039afca0;p=friendica.git

diff --git a/src/Contact/Avatar.php b/src/Contact/Avatar.php
index 13a99f9106..38208a043e 100644
--- a/src/Contact/Avatar.php
+++ b/src/Contact/Avatar.php
@@ -39,6 +39,8 @@ use Friendica\Util\Strings;
  */
 class Avatar
 {
+	const BASE_PATH = '/avatar/';
+
 	/**
 	 * Returns a field array with locally cached avatar pictures
 	 *
@@ -105,22 +107,50 @@ class Avatar
 			return '';
 		}
 
-		$path = '/avatar/' . $filename . $size . '.' . $image->getExt();
+		$path = self::BASE_PATH . $filename . $size . '.' . $image->getExt();
 
 		$filepath = DI::basePath() . $path;
 
-		$dirpath = dirname($filepath);
+		$dirpath = DI::basePath() . self::BASE_PATH;
 
 		DI::profiler()->startRecording('file');
 
-		if (!file_exists($dirpath)) {
-			mkdir($dirpath, 0775, true);
-		} else {
-			chmod($dirpath, 0775);
+		// Fetch the permission and group ownership of the "avatar" path and apply to all files
+		$dir_perm  = fileperms($dirpath) & 0777;
+		$file_perm = fileperms($dirpath) & 0666;
+		$group     = filegroup($dirpath);
+
+		// Check directory permissions of all parts of the path
+		foreach (explode('/', dirname($filename)) as $part) {
+			$dirpath .= $part . '/';
+
+			if (!file_exists($dirpath)) {
+				if (!mkdir($dirpath, $dir_perm)) {
+					Logger::warning('Directory could not be created', ['directory' => $dirpath]);
+				}
+			} elseif ((($old_perm = fileperms($dirpath) & 0777) != $dir_perm) && !chmod($dirpath, $dir_perm)) {
+				Logger::notice('Directory permissions could not be changed', ['directory' => $dirpath, 'old' => $old_perm, 'new' => $dir_perm]);
+			}
+
+			if ((($old_group = filegroup($dirpath)) != $group) && !chgrp($dirpath, $group)) {
+				Logger::notice('Directory group could not be changed', ['directory' => $dirpath, 'old' => $old_group, 'new' => $group]);
+			}
+		}
+
+		if (!file_put_contents($filepath, $image->asString())) {
+			Logger::warning('File could not be created', ['file' => $filepath]);
 		}
 
-		file_put_contents($filepath, $image->asString());
-		chmod($filepath, 0664);
+		$old_perm  = fileperms($filepath) & 0666;
+		$old_group = filegroup($filepath);
+
+		if (($old_perm != $file_perm) && !chmod($filepath, $file_perm)) {
+			Logger::notice('File permissions could not be changed', ['file' => $filepath, 'old' => $old_perm, 'new' => $file_perm]);
+		}
+
+		if (($old_group != $group) && !chgrp($filepath, $group)) {
+			Logger::notice('File group could not be changed', ['file' => $filepath, 'old' => $old_group, 'new' => $group]);
+		}
 
 		DI::profiler()->stopRecording();
 
@@ -155,13 +185,13 @@ class Avatar
 			return '';
 		}
 
-		$path = Strings::normaliseLink(DI::baseUrl() . '/avatar');
+		$path = Strings::normaliseLink(DI::baseUrl() . self::BASE_PATH);
 
 		if (Network::getUrlMatch($path, $avatar) != $path) {
 			return '';
 		}
 
-		$filename = str_replace($path, DI::basePath(). '/avatar/', Strings::normaliseLink($avatar));
+		$filename = str_replace($path, DI::basePath(). self::BASE_PATH, Strings::normaliseLink($avatar));
 
 		DI::profiler()->startRecording('file');
 		$exists = file_exists($filename);