diff options
| author | Mario <mario@mariovavti.com> | 2023-07-11 18:57:18 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2023-07-11 18:57:18 +0000 |
| commit | 63fb8d03929189bfc8cbf53d23cb79984fe2c3cd (patch) | |
| tree | b9f74bd8c7721dca7ece251fdbb9a7c4fe9b949a /Zotlabs/Module/Photo.php | |
| parent | 57796a2f962d045445cbf69237bb3d6786e4d0d4 (diff) | |
| parent | 384de0925e502cfa8fe6ca287530ef5529fdff10 (diff) | |
| download | volse-hubzilla-8.6.tar.gz volse-hubzilla-8.6.tar.bz2 volse-hubzilla-8.6.zip | |
Merge branch '8.6RC'8.6
Diffstat (limited to 'Zotlabs/Module/Photo.php')
| -rw-r--r-- | Zotlabs/Module/Photo.php | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index fa87d96e5..cb83d78d3 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -46,7 +46,7 @@ class Photo extends \Zotlabs\Web\Controller { dbesc(argv(1)) ); if ($r) { - $allowed = attach_can_view($r[0]['uid'],$observer_xchan,argv(1)/*,$bear*/); + $allowed = attach_can_view($r[0]['uid'], $observer_xchan, argv(1), $bear); } if (! $allowed) { http_status_exit(404,'Permission denied.'); @@ -154,6 +154,11 @@ class Photo extends \Zotlabs\Web\Controller { } else { + $bear = Activity::token_from_request(); + if ($bear) { + logger('bear: ' . $bear, LOGGER_DEBUG); + } + /** * Other photos */ @@ -223,7 +228,7 @@ class Photo extends \Zotlabs\Web\Controller { } if($allowed === (-1)) - $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo); + $allowed = attach_can_view($r[0]['uid'], $observer_xchan, $photo, $bear); $channel = channelx_by_n($r[0]['uid']); @@ -262,13 +267,13 @@ class Photo extends \Zotlabs\Web\Controller { http_status_exit(404,'not found'); } - if(! $data) - killme(); + if(! $data) + killme(); - $etag = '"' . md5($data . $modified) . '"'; + $etag = '"' . md5($data . $modified) . '"'; - if($modified == 0) - $modified = time(); + if($modified == 0) + $modified = time(); header_remove('Pragma'); if((isset($_SERVER['HTTP_IF_NONE_MATCH']) && $_SERVER['HTTP_IF_NONE_MATCH'] === $etag) || (!isset($_SERVER['HTTP_IF_NONE_MATCH']) && isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT")) { |