From c72abe48a82ea10d333bb691b3aad75b26a56445 Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Sat, 3 Jul 2021 15:29:27 +0000
Subject: [PATCH] Fixed fetching private local images

---
 src/Model/Post/Media.php | 36 ++++++++++++++++++++++++++++++++++++
 src/Model/Profile.php    | 18 ++++++++++++++++--
 src/Module/Photo.php     | 15 ++++++++++-----
 3 files changed, 62 insertions(+), 7 deletions(-)

diff --git a/src/Model/Post/Media.php b/src/Model/Post/Media.php
index 63bfe00345..65cd099f7d 100644
--- a/src/Model/Post/Media.php
+++ b/src/Model/Post/Media.php
@@ -28,8 +28,10 @@ use Friendica\Database\Database;
 use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Model\Item;
+use Friendica\Model\Photo;
 use Friendica\Model\Post;
 use Friendica\Util\Images;
+use Friendica\Util\Network;
 use Friendica\Util\ParseUrl;
 use Friendica\Util\Proxy;
 use Friendica\Util\Strings;
@@ -158,6 +160,10 @@ class Media
 	 */
 	public static function fetchAdditionalData(array $media)
 	{
+		if (Network::isLocalLink($media['url'])) {
+			$media = self::fetchLocalData($media);
+		}
+
 		// Fetch the mimetype or size if missing.
 		if (empty($media['mimetype']) || empty($media['size'])) {
 			$timeout = DI::config()->get('system', 'xrd_timeout');
@@ -216,6 +222,36 @@ class Media
 		return $media;
 	}
 
+	/**
+	 * Fetch media data from local resources
+	 * @param array $media 
+	 * @return array media with added data
+	 */
+	private static function fetchLocalData(array $media)
+	{
+		if (!preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $media['url'], $matches)) {
+			return $media;
+		}
+		$photo = Photo::selectFirst([], ['resource-id' => $matches[1], 'scale' => $matches[2]]);
+		if (!empty($photo)) {
+			$media['mimetype'] = $photo['type'];
+			$media['size'] = $photo['datasize'];
+			$media['width'] = $photo['width'];
+			$media['height'] = $photo['height'];
+		}
+
+		if (!preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $media['preview'], $matches)) {
+			return $media;
+		}
+		$photo = Photo::selectFirst([], ['resource-id' => $matches[1], 'scale' => $matches[2]]);
+		if (!empty($photo)) {
+			$media['preview-width'] = $photo['width'];
+			$media['preview-height'] = $photo['height'];
+		}
+
+		return $media;
+	}
+
 	/**
 	 * Add the detected type to the media array
 	 *
diff --git a/src/Model/Profile.php b/src/Model/Profile.php
index 4aacc9f9b6..a56aa05c0b 100644
--- a/src/Model/Profile.php
+++ b/src/Model/Profile.php
@@ -38,6 +38,7 @@ use Friendica\DI;
 use Friendica\Protocol\Activity;
 use Friendica\Protocol\Diaspora;
 use Friendica\Util\DateTimeFormat;
+use Friendica\Util\HTTPSignature;
 use Friendica\Util\Network;
 use Friendica\Util\Proxy as ProxyUtils;
 use Friendica\Util\Strings;
@@ -828,11 +829,11 @@ class Profile
 		// Try to find the public contact entry of the visitor.
 		$cid = Contact::getIdForURL($handle);
 		if (!$cid) {
-			Logger::log('unable to finger ' . $handle, Logger::DEBUG);
+			Logger::info('Handle not found', ['handle' => $handle]);
 			return [];
 		}
 
-		$visitor = DBA::selectFirst('contact', [], ['id' => $cid]);
+		$visitor = Contact::getById($cid);
 
 		// Authenticate the visitor.
 		$_SESSION['authenticated'] = 1;
@@ -851,6 +852,19 @@ class Profile
 		return $visitor;
 	}
 
+	/**
+	 * Set the visitor cookies (see remote_user()) for signed HTTP requests
+	 * @return array Visitor contact array
+	 */
+	public static function addVisitorCookieForHTTPSigner()
+	{
+		$requester = HTTPSignature::getSigner('', $_SERVER);
+		if (empty($requester)) {
+			return [];
+		}
+		return Profile::addVisitorCookieForHandle($requester);
+	}
+
 	/**
 	 * OpenWebAuth authentication.
 	 *
diff --git a/src/Module/Photo.php b/src/Module/Photo.php
index 57ccd1bddb..3ea7578ce1 100644
--- a/src/Module/Photo.php
+++ b/src/Module/Photo.php
@@ -33,8 +33,8 @@ use Friendica\Model\Storage\ExternalResource;
 use Friendica\Model\Storage\SystemResource;
 use Friendica\Util\Proxy;
 use Friendica\Object\Image;
-use Friendica\Util\HTTPSignature;
 use Friendica\Util\Images;
+use Friendica\Util\Network;
 
 /**
  * Photo Module
@@ -67,10 +67,7 @@ class Photo extends BaseModule
 			exit;
 		}
 
-		$requester = HTTPSignature::getSigner('', $_SERVER);
-		if (!empty($requester)) {
-			Profile::addVisitorCookieForHandle($requester);
-		}
+		Profile::addVisitorCookieForHTTPSigner();
 
 		$customsize = 0;
 		$square_resize = true;
@@ -193,6 +190,10 @@ class Photo extends BaseModule
 					return false;
 				}
 
+				if (Network::isLocalLink($url) && preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $url, $matches)) {
+					return MPhoto::getPhoto($matches[1], $matches[2]);
+				}
+		
 				return MPhoto::createPhotoForExternalResource($url, (int)local_user());
 			case "media":
 				$media = DBA::selectFirst('post-media', ['url', 'uri-id'], ['id' => $uid, 'type' => Post\Media::IMAGE]);
@@ -200,6 +201,10 @@ class Photo extends BaseModule
 					return false;
 				}
 
+				if (Network::isLocalLink($media['url']) && preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $media['url'], $matches)) {
+					return MPhoto::getPhoto($matches[1], $matches[2]);
+				}
+
 				return MPhoto::createPhotoForExternalResource($media['url'], (int)local_user());
 			case "contact":
 				$contact = Contact::getById($uid, ['uid', 'url', 'avatar', 'photo', 'xmpp', 'addr']);
-- 
2.39.5