X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModel%2FPhoto.php;h=0e3661b0f33e4110915908a8542353e35823112b;hb=6bb418c5a7cdd71d28a8a572059efb14401b70bd;hp=d736890c7c1398a16539e94b2abf6b2418d4ed78;hpb=2daadb8c36dcbe32d3dce46c6152b7254b449a61;p=friendica.git
diff --git a/src/Model/Photo.php b/src/Model/Photo.php
index d736890c7c..0e3661b0f3 100644
--- a/src/Model/Photo.php
+++ b/src/Model/Photo.php
@@ -16,6 +16,7 @@ use Friendica\Database\DBA;
 use Friendica\Database\DBStructure;
 use Friendica\Model\Storage\IStorage;
 use Friendica\Object\Image;
+use Friendica\Protocol\DFRN;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
 use Friendica\Util\Security;
@@ -129,12 +130,23 @@ class Photo extends BaseObject
 */
 public static function getPhoto($resourceid, $scale = 0)
 {
- $r = self::selectFirst(["uid"], ["resource-id" => $resourceid]);
+ $r = self::selectFirst(["uid", "allow_cid", "allow_gid", "deny_cid", "deny_gid"], ["resource-id" => $resourceid]);
 if ($r === false) {
 return false;
 }
+ $uid = $r["uid"];
- $sql_acl = Security::getPermissionsSQLByUserId($r["uid"]);
+ // This is the first place, when retrieving just a photo, that we know who owns the photo.
+ // Check if the photo is public (empty allow and deny means public), if so, skip auth attempt, if not
+ // make sure that the requester's session is appropriately authenticated to that user
+ // otherwise permissions checks done by getPermissionsSQLByUserId() won't work correctly
+ if (!empty($r["allow_cid"]) || !empty($r["allow_gid"]) || !empty($r["deny_cid"]) || !empty($r["deny_gid"])) {
+ $r = DBA::selectFirst("user", ["nickname"], ["uid" => $uid], []);
+ // this will either just return (if auth all ok) or will redirect and exit (starting over)
+ DFRN::autoRedir(self::getApp(), $r["nickname"]);
+ }
+ $sql_acl = Security::getPermissionsSQLByUserId($uid);
 $conditions = [
 "`resource-id` = ? AND `scale` <= ? " . $sql_acl,
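Review bot: The result of `DBA::selectFirst("user", ...)` inside the new `if` is used without a check and overwrites `$r`, so a restricted photo whose owner row is missing would hand an empty nickname to `DFRN::autoRedir()`. Use a separate variable and guard it: `$owner = DBA::selectFirst("user", ["nickname"], ["uid" => $uid]);` followed by `if (DBA::isResult($owner)) { DFRN::autoRedir(self::getApp(), $owner["nickname"]); }`. This also places a redirect-and-exit inside a model getter, so every caller of getPhoto() on a restricted photo inherits that side effect; the docblock should say so, and should state that access is still decided by the SQL from `getPermissionsSQLByUserId()` rather than by the redirect. The function body continues past the end of the hunk.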
@@ -351,178 +363,6 @@ class Photo extends BaseObject
 return DBA::delete("photo", $conditions, $options);
 }
- /**
- * @brief This function is used by the fromgplus addon
- *
- * Stores a photo based on image data or an URL
- *
- * @param integer $uid user id
- * @param string $imagedata optional, default empty
- * @param string $url optional, default empty
- * @return array
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
- * @throws \ImagickException
- */
- public static function storeByData($uid, $imagedata = "", $url = "")
- {
- $a = self::getApp();
- $logger = $a->getLogger();
- $profiler = $a->getProfiler();
-
- $isStored = DBA::p(
- "SELECT `user`.`nickname`, `user`.`page-flags`, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`
- WHERE `user`.`uid` = %d AND `user`.`blocked` = 0 AND `contact`.`self` = 1 LIMIT 1",
- intval($uid)
- );
-
- if (!DBA::isResult($isStored)) {
- $logger->info("Can't detect user data.", ['uid' => $uid]);
- return [];
- } else {
- $isStored = DBA::toArray($isStored);
- }
-
- $page_owner_nick = $isStored[0]['nickname'];
-
- /// @TODO
- /// $default_cid = $isStored[0]['id'];
- /// $community_page = (($isStored[0]['page-flags'] == User::PAGE_FLAGS_COMMUNITY) ? 
true : false);
-
- if ((strlen($imagedata) == 0) && ($url == "")) {
- $logger->info("No image data and no url provided");
- return [];
- } elseif (strlen($imagedata) == 0) {
- $logger->info("Uploading picture,", ['url' => $url]);
-
- $stamp1 = microtime(true);
- $imagedata = @file_get_contents($url);
- $profiler->saveTimestamp($stamp1, "file", System::callstack());
- }
-
- $maxImageSize = Config::get('system', 'maximagesize');
-
- if (($maxImageSize) && (strlen($imagedata) > $maxImageSize)) {
- $logger->info("image exceeds size limit.", ['max' => $maxImageSize, 'current' => strlen($imagedata)]);
- return [];
- }
-
- $tempFile = tempnam(get_temppath(), "cache");
-
- $stamp1 = microtime(true);
- file_put_contents($tempFile, $imagedata);
- $profiler->saveTimestamp($stamp1, "file", System::callstack());
-
- $data = getimagesize($tempFile);
-
- if (!isset($data["mime"])) {
- unlink($tempFile);
- $logger->info("File is no picture");
- return [];
- }
-
- $image = new Image($imagedata, $data["mime"]);
-
- if (!$image->isValid()) {
- unlink($tempFile);
- $logger->info("Picture is no valid picture");
- return [];
- }
-
- $image->orient($tempFile);
- unlink($tempFile);
-
- $max_length = Config::get('system', 'max_image_length');
- if (! 
$max_length) {
- $max_length = MAX_IMAGE_LENGTH;
- }
-
- if ($max_length > 0) {
- $image->scaleDown($max_length);
- }
-
- $width = $image->getWidth();
- $height = $image->getHeight();
-
- $hash = self::newResource();
-
- // Pictures are always public by now
- //$defperm = '<'.$default_cid.'>';
- $defperm = "";
- $visitor = 0;
-
- $isStored = Photo::store($image, $uid, $visitor, $hash, $tempFile, L10n::t('Wall Photos'), 0, 0, $defperm);
-
- if (!$isStored) {
- $logger->info("Picture couldn't be stored");
- return [];
- }
-
- $image = ["page" => System::baseUrl().'/photos/'.$page_owner_nick.'/image/'.$hash,
- "full" => $a->getBaseURL()."/photo/{$hash}-0.".$image->getExt()];
-
- if ($width > 800 || $height > 800) {
- $image["large"] = System::baseUrl()."/photo/{$hash}-0.".$image->getExt();
- }
-
- if ($width > 640 || $height > 640) {
- $image->scaleDown(640);
- $isStored = self::store($image, $uid, $visitor, $hash, $tempFile, L10n::t('Wall Photos'), 1, 0, $defperm);
- if ($isStored) {
- $image["medium"] = System::baseUrl()."/photo/{$hash}-1.".$image->getExt();
- }
- }
-
- if ($width > 320 || $height > 320) {
- $image->scaleDown(320);
- $isStored = self::store($image, $uid, $visitor, $hash, $tempFile, L10n::t('Wall Photos'), 2, 0, $defperm);
- if ($isStored) {
- $image["small"] = System::baseUrl()."/photo/{$hash}-2.".$image->getExt();
- }
- }
-
- if ($width > 160 && $height > 160) {
- $x = 0;
- $y = 0;
-
- $min = $image->getWidth();
- if ($min > 160) {
- $x = ($min - 160) / 2;
- }
-
- if ($image->getHeight() < $min) {
- $min = $image->getHeight();
- if ($min > 160) {
- $y = ($min - 160) / 2;
- }
- }
-
- $min = 160;
- $image->crop(160, $x, $y, $min, $min);
-
- $isStored = self::store($image, $uid, $visitor, $hash, $tempFile, L10n::t('Wall Photos'), 3, 0, $defperm);
- if ($isStored) {
- $image["thumb"] = $a->getBaseURL() . "/photo/{$hash}-3." . $image->getExt();
- }
- }
-
- // Set the full image as preview image. 
This will be overwritten, if the picture is larger than 640.
- $image["preview"] = $image["full"];
-
- // Deactivated, since that would result in a cropped preview, if the picture wasn't larger than 320
- //if (isset($image["thumb"]))
- // $image["preview"] = $image["thumb"];
-
- // Unsure, if this should be activated or deactivated
- //if (isset($image["small"]))
- // $image["preview"] = $image["small"];
-
- if (isset($image["medium"])) {
- $image["preview"] = $image["medium"];
- }
-
- return $image;
- }
-
 /**
 * @brief Update a photo
 *
@@ -585,13 +425,22 @@ class Photo extends BaseObject
 $photo_failure = false;
 $filename = basename($image_url);
- $img_str = Network::fetchUrl($image_url, true);
+ if (!empty($image_url)) {
+ $ret = Network::curl($image_url, true);
+ $img_str = $ret->getBody();
+ $type = $ret->getContentType();
+ } else {
+ $img_str = '';
+ }
 if ($quit_on_error && ($img_str == "")) {
 return false;
 }
- $type = Image::guessType($image_url, true);
+ if (empty($type)) {
+ $type = Image::guessType($image_url, true);
+ }
+
 $Image = new Image($img_str, $type);
 if ($Image->isValid()) {
 $Image->scaleToSquare(300);
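Review bot: The Content-Type taken from the remote response is passed to `new Image($img_str, $type)` without being checked, and the `guessType()` fallback runs only when the header is empty. That header is controlled by whichever server hosts `$image_url`, so a non-image type or a value carrying parameters would reach Image unchanged; whether `isValid()` rejects that cannot be seen from this hunk. I would accept the header only when it names an image type and fall back otherwise: `if (empty($type) || strpos($type, 'image/') !== 0) { $type = Image::guessType($image_url, true); }`. Setting `$type = '';` in the else branch beside `$img_str = '';` would also make the empty-URL path explicit instead of relying on `empty()` tolerating an undefined variable. The enclosing function starts and ends outside the hunk.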