aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-05-17 19:59:46 -0700
committerfriendica <info@friendica.com>2012-05-17 19:59:46 -0700
commit7cfa7a7671f0bf8316bc63912452e156fc48129e (patch)
treef688f6a65a3e6fe943e5d69858be650835b2dec3 /mod
parentd5d853f37f5b42d4b78f823ed0fb154064ee0e70 (diff)
downloadvolse-hubzilla-7cfa7a7671f0bf8316bc63912452e156fc48129e.tar.gz
volse-hubzilla-7cfa7a7671f0bf8316bc63912452e156fc48129e.tar.bz2
volse-hubzilla-7cfa7a7671f0bf8316bc63912452e156fc48129e.zip
tell browser not to cache permission denied (private) photos so that after authenticating we don't have to fight the browser - plus more prvgroup work
Diffstat (limited to 'mod')
-rw-r--r--mod/photo.php21
1 files changed, 19 insertions, 2 deletions
diff --git a/mod/photo.php b/mod/photo.php
index 1d38fe8e4..3cd8250a9 100644
--- a/mod/photo.php
+++ b/mod/photo.php
@@ -28,6 +28,8 @@ function photo_init(&$a) {
}
}*/
+ $prvcachecontrol = false;
+
switch($a->argc) {
case 4:
$person = $a->argv[3];
@@ -134,6 +136,7 @@ function photo_init(&$a) {
);
if(count($r)) {
$data = file_get_contents('images/nosign.jpg');
+ $prvcachecontrol = true;
}
}
}
@@ -179,8 +182,22 @@ function photo_init(&$a) {
}
header("Content-type: image/jpeg");
- header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
- header("Cache-Control: max-age=" . (3600*24));
+
+ if($prvcachecontrol) {
+
+ // it is a private photo that they have no permission to view.
+ // tell the browser not to cache it, in case they authenticate
+ // and subsequently have permission to see it
+
+ header("Cache-Control: no-store, no-cache, must-revalidate");
+
+ }
+ else {
+
+ header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
+ header("Cache-Control: max-age=" . (3600*24));
+
+ }
echo $data;
killme();
// NOTREACHED