diff options
| author | Mario <mario@mariovavti.com> | 2023-06-02 11:33:44 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2023-06-02 11:33:44 +0000 |
| commit | 48a33f08e2042b0bb809f43f9bec9d7739af3c28 (patch) | |
| tree | 91d6835c6e0421c72ae67f3d4707ed6a316a125e /Zotlabs/Module/Photo.php | |
| parent | 4b17ea04a75eba037d5ad5bc2aeffaadddfcfa04 (diff) | |
| download | volse-hubzilla-48a33f08e2042b0bb809f43f9bec9d7739af3c28.tar.gz volse-hubzilla-48a33f08e2042b0bb809f43f9bec9d7739af3c28.tar.bz2 volse-hubzilla-48a33f08e2042b0bb809f43f9bec9d7739af3c28.zip | |
ocap initial checkin
Diffstat (limited to 'Zotlabs/Module/Photo.php')
| -rw-r--r-- | Zotlabs/Module/Photo.php | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index fa87d96e5..cb83d78d3 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -46,7 +46,7 @@ class Photo extends \Zotlabs\Web\Controller { dbesc(argv(1)) ); if ($r) { - $allowed = attach_can_view($r[0]['uid'],$observer_xchan,argv(1)/*,$bear*/); + $allowed = attach_can_view($r[0]['uid'], $observer_xchan, argv(1), $bear); } if (! $allowed) { http_status_exit(404,'Permission denied.'); @@ -154,6 +154,11 @@ class Photo extends \Zotlabs\Web\Controller { } else { + $bear = Activity::token_from_request(); + if ($bear) { + logger('bear: ' . $bear, LOGGER_DEBUG); + } + /** * Other photos */ @@ -223,7 +228,7 @@ class Photo extends \Zotlabs\Web\Controller { } if($allowed === (-1)) - $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo); + $allowed = attach_can_view($r[0]['uid'], $observer_xchan, $photo, $bear); $channel = channelx_by_n($r[0]['uid']); @@ -262,13 +267,13 @@ class Photo extends \Zotlabs\Web\Controller { http_status_exit(404,'not found'); } - if(! $data) - killme(); + if(! $data) + killme(); - $etag = '"' . md5($data . $modified) . '"'; + $etag = '"' . md5($data . $modified) . '"'; - if($modified == 0) - $modified = time(); + if($modified == 0) + $modified = time(); header_remove('Pragma'); if((isset($_SERVER['HTTP_IF_NONE_MATCH']) && $_SERVER['HTTP_IF_NONE_MATCH'] === $etag) || (!isset($_SERVER['HTTP_IF_NONE_MATCH']) && isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT")) { |