X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FPhoto.php;h=a92568015ca72042361bb64425f90ba330feb578;hb=6dbbd081795fa1c8fe57db2248ac162efeeada88;hp=44be9a31a277cf36e41547583f41bcf6857d7eee;hpb=2b95a7e7cd76c573b82b2dbcc5ad08b1501ee89b;p=friendica.git

diff --git a/src/Module/Photo.php b/src/Module/Photo.php
index 44be9a31a2..a92568015c 100644
--- a/src/Module/Photo.php
+++ b/src/Module/Photo.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2022, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -29,12 +29,16 @@ use Friendica\Model\Contact;
 use Friendica\Model\Photo as MPhoto;
 use Friendica\Model\Post;
 use Friendica\Model\Profile;
-use Friendica\Model\Storage\ExternalResource;
-use Friendica\Model\Storage\SystemResource;
-use Friendica\Util\Proxy;
+use Friendica\Core\Storage\Type\ExternalResource;
+use Friendica\Core\Storage\Type\SystemResource;
+use Friendica\Model\User;
+use Friendica\Network\HTTPException;
+use Friendica\Network\HTTPException\NotModifiedException;
 use Friendica\Object\Image;
 use Friendica\Util\Images;
 use Friendica\Util\Network;
+use Friendica\Util\ParseUrl;
+use Friendica\Util\Proxy;
 
 /**
  * Photo Module
@@ -47,12 +51,11 @@ class Photo extends BaseModule
 	 * Fetch a photo or an avatar, in optional size, check for permissions and
 	 * return the image
 	 */
-	public static function rawContent(array $parameters = [])
+	protected function rawContent(array $request = [])
 	{
 		$totalstamp = microtime(true);
 
 		if (isset($_SERVER["HTTP_IF_MODIFIED_SINCE"])) {
-			header("HTTP/1.1 304 Not Modified");
 			header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
 			if (!empty($_SERVER["HTTP_IF_NONE_MATCH"])) {
 				header("Etag: " . $_SERVER["HTTP_IF_NONE_MATCH"]);
@@ -64,26 +67,65 @@ class Photo extends BaseModule
 				header_remove("Expires");
 				header_remove("Cache-Control");
 			}
-			exit;
+			throw new NotModifiedException();
 		}
 
 		Profile::addVisitorCookieForHTTPSigner();
 
 		$customsize = 0;
 		$square_resize = true;
-		$photo = false;
 		$scale = null;
 		$stamp = microtime(true);
-		if (!empty($parameters['customsize'])) {
-			$customsize = intval($parameters['customsize']);
-			$uid = MPhoto::stripExtension($parameters['name']);
-			$photo = self::getAvatar($uid, $parameters['type'], $customsize);
-			$square_resize = !in_array($parameters['type'], ['media', 'preview']);
-		} elseif (!empty($parameters['type'])) {
-			$uid = MPhoto::stripExtension($parameters['name']);
-			$photo = self::getAvatar($uid, $parameters['type'], Proxy::PIXEL_SMALL);
-		} elseif (!empty($parameters['name'])) {
-			$photoid = MPhoto::stripExtension($parameters['name']);
+		// User avatar
+		if (!empty($this->parameters['type'])) {
+			if (!empty($this->parameters['customsize'])) {
+				$customsize = intval($this->parameters['customsize']);
+				$square_resize = !in_array($this->parameters['type'], ['media', 'preview']);
+			}
+
+			if (!empty($this->parameters['guid'])) {
+				$guid = $this->parameters['guid'];
+				$account = DBA::selectFirst('account-user-view', ['id'], ['guid' => $guid], ['order' => ['uid' => true]]);
+				if (empty($account)) {
+					throw new HTTPException\NotFoundException();
+				}
+
+				$id = $account['id'];
+			}
+
+			// Contact Id Fallback, to remove after version 2021.12
+			if (isset($this->parameters['contact_id'])) {
+				$id = intval($this->parameters['contact_id']);
+			}
+
+			if (!empty($this->parameters['nickname_ext'])) {
+				$nickname = pathinfo($this->parameters['nickname_ext'], PATHINFO_FILENAME);
+				$user = User::getByNickname($nickname, ['uid']);
+				if (empty($user)) {
+					throw new HTTPException\NotFoundException();
+				}
+
+				$id = $user['uid'];
+			}
+
+			// User Id Fallback, to remove after version 2021.12
+			if (!empty($this->parameters['uid_ext'])) {
+				$id = intval(pathinfo($this->parameters['uid_ext'], PATHINFO_FILENAME));
+			}
+
+			// Please refactor this for the love of everything that's good
+			if (isset($this->parameters['id'])) {
+				$id = $this->parameters['id'];
+			}
+
+			if (empty($id)) {
+				Logger::notice('No picture id was detected', ['parameters' => $this->parameters, 'query' => DI::args()->getQueryString()]);
+				throw new HTTPException\NotFoundException(DI::l10n()->t('The Photo is not available.'));
+			}
+
+			$photo = self::getPhotoByid($id, $this->parameters['type'], $customsize ?: Proxy::PIXEL_SMALL);
+		} else {
+			$photoid = pathinfo($this->parameters['name'], PATHINFO_FILENAME);
 			$scale = 0;
 			if (substr($photoid, -2, 1) == "-") {
 				$scale = intval(substr($photoid, -1, 1));
@@ -91,21 +133,24 @@ class Photo extends BaseModule
 			}
 			$photo = MPhoto::getPhoto($photoid, $scale);
 			if ($photo === false) {
-				throw new \Friendica\Network\HTTPException\NotFoundException(DI::l10n()->t('The Photo with id %s is not available.', $photoid));
+				throw new HTTPException\NotFoundException(DI::l10n()->t('The Photo with id %s is not available.', $photoid));
 			}
-		} else {
-			throw new \Friendica\Network\HTTPException\BadRequestException();
 		}
+
 		$fetch = microtime(true) - $stamp;
 
 		if ($photo === false) {
-			throw new \Friendica\Network\HTTPException\NotFoundException();
+			throw new HTTPException\NotFoundException();
 		}
 
 		$cacheable = ($photo["allow_cid"] . $photo["allow_gid"] . $photo["deny_cid"] . $photo["deny_gid"] === "") && (isset($photo["cacheable"]) ? $photo["cacheable"] : true);
 
 		$stamp = microtime(true);
+
 		$imgdata = MPhoto::getImageDataForPhoto($photo);
+		if (empty($imgdata)) {
+			throw new HTTPException\NotFoundException();
+		}
 
 		// The mimetype for an external or system resource can only be known reliably after it had been fetched
 		if (in_array($photo['backend-class'], [ExternalResource::NAME, SystemResource::NAME])) {
@@ -118,8 +163,14 @@ class Photo extends BaseModule
 		$data = microtime(true) - $stamp;
 
 		if (empty($imgdata)) {
-			Logger::warning("Invalid photo with id {$photo["id"]}.");
-			throw new \Friendica\Network\HTTPException\InternalServerErrorException(DI::l10n()->t('Invalid photo with id %s.', $photo["id"]));
+			Logger::warning('Invalid photo', ['id' => $photo['id']]);
+			if (in_array($photo['backend-class'], [ExternalResource::NAME])) {
+				$reference = json_decode($photo['backend-ref'], true);
+				$error = DI::l10n()->t('Invalid external resource with url %s.', $reference['url']);
+			} else {
+				$error = DI::l10n()->t('Invalid photo with id %s.', $photo['id']);
+			}
+			throw new HTTPException\InternalServerErrorException($error);
 		}
 
 		// if customsize is set and image is not a gif, resize it
@@ -172,11 +223,11 @@ class Photo extends BaseModule
 		exit();
 	}
 
-	private static function getAvatar($uid, $type="avatar", $customsize)
+	private static function getPhotoByid(int $id, $type, $customsize)
 	{
 		switch($type) {
 			case "preview":
-				$media = DBA::selectFirst('post-media', ['preview', 'url', 'type', 'uri-id'], ['id' => $uid]);
+				$media = DBA::selectFirst('post-media', ['preview', 'url', 'mimetype', 'type', 'uri-id'], ['id' => $id]);
 				if (empty($media)) {
 					return false;
 				}
@@ -193,10 +244,10 @@ class Photo extends BaseModule
 				if (Network::isLocalLink($url) && preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $url, $matches)) {
 					return MPhoto::getPhoto($matches[1], $matches[2]);
 				}
-		
-				return MPhoto::createPhotoForExternalResource($url, (int)local_user());
+
+				return MPhoto::createPhotoForExternalResource($url, (int)local_user(), $media['mimetype']);
 			case "media":
-				$media = DBA::selectFirst('post-media', ['url', 'uri-id'], ['id' => $uid, 'type' => Post\Media::IMAGE]);
+				$media = DBA::selectFirst('post-media', ['url', 'mimetype', 'uri-id'], ['id' => $id, 'type' => Post\Media::IMAGE]);
 				if (empty($media)) {
 					return false;
 				}
@@ -205,9 +256,16 @@ class Photo extends BaseModule
 					return MPhoto::getPhoto($matches[1], $matches[2]);
 				}
 
-				return MPhoto::createPhotoForExternalResource($media['url'], (int)local_user());
+				return MPhoto::createPhotoForExternalResource($media['url'], (int)local_user(), $media['mimetype']);
+			case "link":
+				$link = DBA::selectFirst('post-link', ['url', 'mimetype'], ['id' => $id]);
+				if (empty($link)) {
+					return false;
+				}
+
+				return MPhoto::createPhotoForExternalResource($link['url'], (int)local_user(), $link['mimetype']);
 			case "contact":
-				$contact = Contact::getById($uid, ['uid', 'url', 'avatar', 'photo', 'xmpp', 'addr']);
+				$contact = Contact::getById($id, ['uid', 'url', 'avatar', 'photo', 'xmpp', 'addr']);
 				if (empty($contact)) {
 					return false;
 				}
@@ -227,16 +285,32 @@ class Photo extends BaseModule
 					$url = $contact['avatar'];
 				} elseif (!empty($contact['avatar'])) {
 					$url = $contact['avatar'];
-				} elseif ($customsize <= Proxy::PIXEL_MICRO) {
-					$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_MICRO);
-				} elseif ($customsize <= Proxy::PIXEL_THUMB) {
-					$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_THUMB);
-				} else {
-					$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_SMALL);
 				}
-				return MPhoto::createPhotoForExternalResource($url);
+				$mimetext = '';
+				if (!empty($url)) {
+					$mime = ParseUrl::getContentType($url);
+					if (!empty($mime)) {
+						$mimetext = $mime[0] . '/' . $mime[1];
+					} else {
+						Logger::info('Invalid file', ['url' => $url]);
+					}
+					if (!empty($mimetext) && ($mime[0] != 'image') && ($mimetext != 'application/octet-stream')) {
+						Logger::info('Unexpected Content-Type', ['mime' => $mimetext, 'url' => $url]);
+						$mimetext = '';
+					}
+				}
+				if (empty($mimetext)) {
+					if ($customsize <= Proxy::PIXEL_MICRO) {
+						$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_MICRO);
+					} elseif ($customsize <= Proxy::PIXEL_THUMB) {
+						$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_THUMB);
+					} else {
+						$url = Contact::getDefaultAvatar($contact, Proxy::SIZE_SMALL);
+					}
+				}
+				return MPhoto::createPhotoForExternalResource($url, 0, $mimetext);
 			case "header":
-				$contact = Contact::getById($uid, ['uid', 'url', 'header']);
+				$contact = Contact::getById($id, ['uid', 'url', 'header']);
 				if (empty($contact)) {
 					return false;
 				}
@@ -261,9 +335,9 @@ class Photo extends BaseModule
 				$scale = 5;
 		}
 
-		$photo = MPhoto::selectFirst([], ["scale" => $scale, "uid" => $uid, "profile" => 1]);
+		$photo = MPhoto::selectFirst([], ["scale" => $scale, "uid" => $id, "profile" => 1]);
 		if (empty($photo)) {
-			$contact = DBA::selectFirst('contact', [], ['uid' => $uid, 'self' => true]) ?: [];
+			$contact = DBA::selectFirst('contact', [], ['uid' => $id, 'self' => true]) ?: [];
 
 			switch($type) {
 				case "profile":