X-Git-Url: https://git.mxchange.org/?p=friendica.git;a=blobdiff_plain;f=mod%2Fphoto.php;h=4166b4d53949d4f9cb5b1f9467c045b224ef98e0;hp=c4a93769af8d99a0944c5a1186e053a1507137c3;hb=2f866fecf92f9baa6d526c8664705f59e7d7c8bd;hpb=b102a1d5ecda36a9a48a841f06df9ef5d33fa46a diff --git a/mod/photo.php b/mod/photo.php old mode 100755 new mode 100644 index c4a93769af..4166b4d539 --- a/mod/photo.php +++ b/mod/photo.php @@ -1,8 +1,13 @@ argc) { case 4: @@ -16,6 +21,7 @@ function photo_init(&$a) { break; case 2: $photo = $a->argv[1]; + $file = $photo; break; case 1: default: @@ -23,10 +29,26 @@ function photo_init(&$a) { // NOTREACHED } - $default = 'images/default-profile.jpg'; + // strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= filemtime($localFileName)) { + if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { + header('HTTP/1.1 304 Not Modified'); + header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); + header('Etag: '.$_SERVER['HTTP_IF_NONE_MATCH']); + header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT"); + header("Cache-Control: max-age=31536000"); + if(function_exists('header_remove')) { + header_remove('Last-Modified'); + header_remove('Expires'); + header_remove('Cache-Control'); + } + exit; + } + + $default = 'images/person-175.jpg'; if(isset($type)) { + /** * Profile photos */ @@ -39,16 +61,16 @@ function photo_init(&$a) { break; case 'micro': $resolution = 6; - $default = 'images/default-profile-mm.jpg'; + $default = 'images/person-48.jpg'; break; case 'avatar': default: $resolution = 5; - $default = 'images/default-profile-sm.jpg'; + $default = 'images/person-80.jpg'; break; } - $uid = str_replace('.jpg', '', $person); + $uid = str_replace(array('.jpg','.png'),array('',''), $person); $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", intval($resolution), @@ -56,9 +78,11 @@ function photo_init(&$a) { ); if(count($r)) { $data = $r[0]['data']; + $mimetype = $r[0]['type']; } if(! isset($data)) { $data = file_get_contents($default); + $mimetype = 'image/jpeg'; } } else { @@ -68,63 +92,81 @@ function photo_init(&$a) { */ $resolution = 0; - $photo = str_replace('.jpg','',$photo); - + foreach( Photo::supportedTypes() as $m=>$e){ + $photo = str_replace(".$e",'',$photo); + } + if(substr($photo,-2,1) == '-') { $resolution = intval(substr($photo,-1,1)); $photo = substr($photo,0,-2); } - $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1", + // check if the photo exists and get the owner of the photo + $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", dbesc($photo), intval($resolution) ); if(count($r)) { - + $sql_extra = permissions_sql($r[0]['uid']); // Now we'll see if we can access the photo - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d $sql_extra LIMIT 1", + $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", dbesc($photo), intval($resolution) ); + $public = ($r[0]['allow_cid'] == '') AND ($r[0]['allow_gid'] == '') AND ($r[0]['deny_cid'] == '') AND ($r[0]['deny_gid'] == ''); + if(count($r)) { + $resolution = $r[0]['scale']; $data = $r[0]['data']; - } - else { - - // Does the picture exist? It may be a remote person with no credentials, - // but who should otherwise be able to view it. Show a default image to let - // them know permissions was denied. It may be possible to view the image - // through an authenticated profile visit. - // There won't be many completely unauthorised people seeing this because - // they won't have the photo link, so there's a reasonable chance that the person - // might be able to obtain permission to view it. - - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1", - dbesc($photo), - intval($resolution) - ); - if(count($r)) { - $data = file_get_contents('images/nosign.jpg'); - } + $mimetype = $r[0]['type']; + } else { + // The picure exists. We already checked with the first query. + // obviously, this is not an authorized viev! + $data = file_get_contents('images/nosign.jpg'); + $mimetype = 'image/jpeg'; + $prvcachecontrol = true; + $public = false; } } } if(! isset($data)) { - killme(); - // NOTREACHED + if(isset($resolution)) { + switch($resolution) { + + case 4: + $data = file_get_contents('images/person-175.jpg'); + $mimetype = 'image/jpeg'; + break; + case 5: + $data = file_get_contents('images/person-80.jpg'); + $mimetype = 'image/jpeg'; + break; + case 6: + $data = file_get_contents('images/person-48.jpg'); + $mimetype = 'image/jpeg'; + break; + default: + killme(); + // NOTREACHED + break; + } + } } - if(isset($customres) && $customres > 0 && $customres < 500) { - require_once('include/Photo.php'); - $ph = new Photo($data); + // Resize only if its not a GIF + if ($mime != "image/gif") { + $ph = new Photo($data, $mimetype); if($ph->is_valid()) { - $ph->scaleImageSquare($customres); + if(isset($customres) && $customres > 0 && $customres < 500) { + $ph->scaleImageSquare($customres); + } $data = $ph->imageString(); + $mimetype = $ph->getType(); } } @@ -133,10 +175,37 @@ function photo_init(&$a) { header_remove('pragma'); } - header("Content-type: image/jpeg"); - header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT"); - header("Cache-Control: max-age=" . (3600*24)); + header("Content-type: ".$mimetype); + + if($prvcachecontrol) { + + // it is a private photo that they have no permission to view. + // tell the browser not to cache it, in case they authenticate + // and subsequently have permission to see it + + header("Cache-Control: no-store, no-cache, must-revalidate"); + + } + else { + header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); + header('Etag: "'.md5($data).'"'); + header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT"); + header("Cache-Control: max-age=31536000"); + } echo $data; + + // If the photo is public and there is an existing photo directory store the photo there + if ($public and ($file != "")) { + // If the photo path isn't there, try to create it + $basepath = $a->get_basepath(); + if (!is_dir($basepath."/photo")) + if (is_writable($basepath)) + mkdir($basepath."/photo"); + + if (is_dir($basepath."/photo")) + file_put_contents($basepath."/photo/".$file, $data); + } + killme(); // NOTREACHED }