aboutsummaryrefslogtreecommitdiffstats
path: root/mod/photo.php
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-04-18 20:38:38 -0700
committerredmatrix <git@macgirvin.com>2016-04-18 20:38:38 -0700
commit2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289 (patch)
tree2376d950ba2bdc7753336a3e2b94865c95c238f2 /mod/photo.php
parent2a61817bad96526994c0499f1fc0a843a9cc9405 (diff)
downloadvolse-hubzilla-2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289.tar.gz
volse-hubzilla-2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289.tar.bz2
volse-hubzilla-2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289.zip
module updates
Diffstat (limited to 'mod/photo.php')
-rw-r--r--mod/photo.php244
1 files changed, 0 insertions, 244 deletions
diff --git a/mod/photo.php b/mod/photo.php
deleted file mode 100644
index 93c6efa95..000000000
--- a/mod/photo.php
+++ /dev/null
@@ -1,244 +0,0 @@
-<?php
-
-require_once('include/security.php');
-require_once('include/photo/photo_driver.php');
-
-function photo_init(&$a) {
-
- $prvcachecontrol = false;
-
- switch(argc()) {
- case 4:
- $person = argv(3);
- $res = argv(2);
- $type = argv(1);
- break;
- case 2:
- $photo = argv(1);
- break;
- case 1:
- default:
- killme();
- // NOTREACHED
- }
-
- $observer_xchan = get_observer_hash();
-
- $default = get_default_profile_photo();
-
- if(isset($type)) {
-
- /**
- * Profile photos - Access controls on default profile photos are not honoured since they need to be exchanged with remote sites.
- *
- */
-
- if($type === 'profile') {
- switch($res) {
-
- case 'm':
- $resolution = 5;
- $default = get_default_profile_photo(80);
- break;
- case 's':
- $resolution = 6;
- $default = get_default_profile_photo(48);
- break;
- case 'l':
- default:
- $resolution = 4;
- break;
- }
- }
-
- $uid = $person;
-
- $r = q("SELECT * FROM photo WHERE scale = %d AND uid = %d AND photo_usage = %d LIMIT 1",
- intval($resolution),
- intval($uid),
- intval(PHOTO_PROFILE)
- );
- if(count($r)) {
- $data = dbunescbin($r[0]['data']);
- $mimetype = $r[0]['type'];
- }
- if(intval($r[0]['os_storage']))
- $data = file_get_contents($data);
- if(! isset($data)) {
- $data = file_get_contents($default);
- $mimetype = 'image/png';
- }
- }
- else {
-
- /**
- * Other photos
- */
-
- /* Check for a cookie to indicate display pixel density, in order to detect high-resolution
- displays. This procedure was derived from the "Retina Images" by Jeremey Worboys,
- used in accordance with the Creative Commons Attribution 3.0 Unported License.
- Project link: https://github.com/Retina-Images/Retina-Images
- License link: http://creativecommons.org/licenses/by/3.0/
- */
- $cookie_value = false;
- if (isset($_COOKIE['devicePixelRatio'])) {
- $cookie_value = intval($_COOKIE['devicePixelRatio']);
- }
- else {
- // Force revalidation of cache on next request
- $cache_directive = 'no-cache';
- $status = 'no cookie';
- }
-
- $resolution = 0;
-
- if(strpos($photo,'.') !== false)
- $photo = substr($photo,0,strpos($photo,'.'));
-
- if(substr($photo,-2,1) == '-') {
- $resolution = intval(substr($photo,-1,1));
- $photo = substr($photo,0,-2);
- // If viewing on a high-res screen, attempt to serve a higher resolution image:
- if ($resolution == 2 && ($cookie_value > 1))
- {
- $resolution = 1;
- }
- }
-
- // If using resolution 1, make sure it exists before proceeding:
- if ($resolution == 1)
- {
- $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND scale = %d LIMIT 1",
- dbesc($photo),
- intval($resolution)
- );
- if (!($r))
- $resolution = 2;
- }
-
- $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND scale = %d LIMIT 1",
- dbesc($photo),
- intval($resolution)
- );
- if($r) {
-
- $allowed = (($r[0]['uid']) ? perm_is_allowed($r[0]['uid'],$observer_xchan,'view_storage') : true);
-
- $sql_extra = permissions_sql($r[0]['uid']);
-
- // Now we'll see if we can access the photo
-
- $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND scale = %d $sql_extra LIMIT 1",
- dbesc($photo),
- intval($resolution)
- );
-
- if($r && $allowed) {
- $data = dbunescbin($r[0]['data']);
- $mimetype = $r[0]['type'];
- if(intval($r[0]['os_storage']))
- $data = file_get_contents($data);
- }
- else {
-
- // Does the picture exist? It may be a remote person with no credentials,
- // but who should otherwise be able to view it. Show a default image to let
- // them know permissions was denied. It may be possible to view the image
- // through an authenticated profile visit.
- // There won't be many completely unauthorised people seeing this because
- // they won't have the photo link, so there's a reasonable chance that the person
- // might be able to obtain permission to view it.
-
- $r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `scale` = %d LIMIT 1",
- dbesc($photo),
- intval($resolution)
- );
-
- if($r) {
- logger('mod_photo: forbidden. ' . App::$query_string);
- $observer = App::get_observer();
- logger('mod_photo: observer = ' . (($observer) ? $observer['xchan_addr'] : '(not authenticated)'));
- $data = file_get_contents('images/nosign.png');
- $mimetype = 'image/png';
- $prvcachecontrol = true;
- }
- }
- }
- }
-
- if(! isset($data)) {
- if(isset($resolution)) {
- switch($resolution) {
-
- case 4:
- $data = file_get_contents(get_default_profile_photo());
- $mimetype = 'image/png';
- break;
- case 5:
- $data = file_get_contents(get_default_profile_photo(80));
- $mimetype = 'image/png';
- break;
- case 6:
- $data = file_get_contents(get_default_profile_photo(48));
- $mimetype = 'image/png';
- break;
- default:
- killme();
- // NOTREACHED
- break;
- }
- }
- }
-
- if(isset($res) && intval($res) && $res < 500) {
- $ph = photo_factory($data, $mimetype);
- if($ph->is_valid()) {
- $ph->scaleImageSquare($res);
- $data = $ph->imageString();
- $mimetype = $ph->getType();
- }
- }
-
- // Writing in cachefile
- if (isset($cachefile) && $cachefile != '')
- file_put_contents($cachefile, $data);
-
- if(function_exists('header_remove')) {
- header_remove('Pragma');
- header_remove('pragma');
- }
-
- header("Content-type: " . $mimetype);
-
- if($prvcachecontrol) {
-
- // it is a private photo that they have no permission to view.
- // tell the browser not to cache it, in case they authenticate
- // and subsequently have permission to see it
-
- header("Cache-Control: no-store, no-cache, must-revalidate");
-
- }
- else {
- // The photo cache default is 1 day to provide a privacy trade-off,
- // as somebody reducing photo permissions on a photo that is already
- // "in the wild" won't be able to stop the photo from being viewed
- // for this amount amount of time once it is in the browser cache.
- // The privacy expectations of your site members and their perception
- // of privacy where it affects the entire project may be affected.
- // This has performance considerations but we highly recommend you
- // leave it alone.
-
- $cache = get_config('system','photo_cache_time');
- if(! $cache)
- $cache = (3600 * 24); // 1 day
-
- header("Expires: " . gmdate("D, d M Y H:i:s", time() + $cache) . " GMT");
- header("Cache-Control: max-age=" . $cache);
-
- }
- echo $data;
- killme();
- // NOTREACHED
-}