diff options
Diffstat (limited to 'Zotlabs/Module/Photo.php')
-rw-r--r-- | Zotlabs/Module/Photo.php | 48 |
1 files changed, 30 insertions, 18 deletions
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index b3171fe75..3f68e5c67 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -4,6 +4,7 @@ namespace Zotlabs\Module; require_once('include/security.php'); require_once('include/attach.php'); require_once('include/photo/photo_driver.php'); +require_once('include/photos.php'); class Photo extends \Zotlabs\Web\Controller { @@ -13,7 +14,8 @@ class Photo extends \Zotlabs\Web\Controller { $prvcachecontrol = false; $streaming = null; $channel = null; - + $person = 0; + switch(argc()) { case 4: $person = argv(3); @@ -30,8 +32,8 @@ class Photo extends \Zotlabs\Web\Controller { } $observer_xchan = get_observer_hash(); - - $default = get_default_profile_photo(); + + $default = z_root() . '/' . get_default_profile_photo(); if(isset($type)) { @@ -45,11 +47,11 @@ class Photo extends \Zotlabs\Web\Controller { case 'm': $resolution = 5; - $default = get_default_profile_photo(80); + $default = z_root() . '/' . get_default_profile_photo(80); break; case 's': $resolution = 6; - $default = get_default_profile_photo(48); + $default = z_root() . '/' . get_default_profile_photo(48); break; case 'l': default: @@ -83,7 +85,7 @@ class Photo extends \Zotlabs\Web\Controller { $data = file_get_contents($data); } if(! $data) { - $data = file_get_contents($default); + $data = fetch_image_from_url($default,$mimetype); } if(! $mimetype) { $mimetype = 'image/png'; @@ -144,6 +146,20 @@ class Photo extends \Zotlabs\Web\Controller { if(! in_array($resolution,[4,5,6])) $allowed = (-1); } + + if($allowed === (-1)) { + $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo); + } + + if(intval($r[0]['photo_usage'])) { + $allowed = 1; + if(intval($r[0]['photo_usage']) === PHOTO_COVER) + if($resolution < PHOTO_RES_COVER_1200) + $allowed = (-1); + if(intval($r[0]['photo_usage']) === PHOTO_PROFILE) + if(! in_array($resolution,[4,5,6])) + $allowed = (-1); + } if($allowed === (-1)) $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo); @@ -166,13 +182,12 @@ class Photo extends \Zotlabs\Web\Controller { } else { if(! $allowed) { - logger('mod_photo: forbidden. ' . \App::$query_string); - $observer = \App::get_observer(); - logger('mod_photo: observer = ' . (($observer) ? $observer['xchan_addr'] : '(not authenticated)')); - $data = file_get_contents('images/nosign.png'); - $mimetype = 'image/png'; - $prvcachecontrol = true; + http_status_exit(403,'forbidden'); } + if(! $exists) { + http_status_exit(404,'not found'); + } + } } } @@ -182,16 +197,13 @@ class Photo extends \Zotlabs\Web\Controller { switch($resolution) { case 4: - $data = file_get_contents(get_default_profile_photo()); - $mimetype = 'image/png'; + $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(),$mimetype); break; case 5: - $data = file_get_contents(get_default_profile_photo(80)); - $mimetype = 'image/png'; + $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(80),$mimetype); break; case 6: - $data = file_get_contents(get_default_profile_photo(48)); - $mimetype = 'image/png'; + $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(48),$mimetype); break; default: killme(); |