plugins/gallery/fetcher.php
author Dan
Thu, 29 Nov 2007 22:47:20 -0500
changeset 16 36dd990c0c25
parent 9 ebd7003e73c6
child 25 d9f37d2ea2cf
permissions -rw-r--r--
Apparently didn't nail the last of that namespace typo
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     1
<?php
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     2
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     3
/*
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     4
 * Snapr
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     5
 * Version 0.1 beta 1
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     6
 * Copyright (C) 2007 Dan Fuhry
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     7
 *
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     8
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
     9
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    10
 *
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    11
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    12
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    13
 */
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    14
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    15
##
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    16
## IMAGE FILE FETCHER
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    17
##
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    18
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    19
$plugins->attachHook('base_classes_initted', '
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    20
  global $paths;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    21
    $paths->add_page(Array(
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    22
      \'name\'=>\'Image fetcher pagelet\',
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    23
      \'urlname\'=>\'GalleryFetcher\',
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    24
      \'namespace\'=>\'Special\',
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    25
      \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    26
      ));
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    27
  ');
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    28
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    29
function page_Special_GalleryFetcher()
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    30
{
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    31
  global $db, $session, $paths, $template, $plugins; // Common objects
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    32
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    33
  $type = $paths->getParam(0);
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    34
  if ( !in_array($type, array('thumb', 'preview', 'full')) )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    35
  {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    36
    die('Hack attempt');
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    37
  }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    38
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    39
  $id = intval($paths->getParam(1));
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    40
  if ( !$id )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    41
  {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    42
    die('Hack attempt');
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    43
  }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    44
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    45
  // Permissions object
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    46
  $perms = $session->fetch_page_acl($id, 'Gallery');
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    47
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    48
  if ( !$perms->get_permissions('gal_full_res') && $type == 'full' )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    49
  {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    50
    $type = 'preview';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    51
  }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    52
  
9
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
    53
  $q = $db->sql_query('SELECT img_title, img_filename, img_time_mod, is_folder FROM '.table_prefix.'gallery WHERE img_id=' . $id . ';');
0
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    54
  if ( !$q )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    55
    $db->_die();
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    56
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    57
  if ( $db->numrows() < 1 )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    58
    die('Image not found');
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    59
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    60
  $row = $db->fetchrow();
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    61
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    62
  switch ( $type )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    63
  {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    64
    case 'thumb':
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    65
      $filename = ENANO_ROOT . '/cache/' . $row['img_filename'] . '-thumb.jpg';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    66
      $mimetype = 'image/jpeg';
9
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
    67
      $ext = "jpg";
0
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    68
      break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    69
    case 'preview':
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    70
      $filename = ENANO_ROOT . '/cache/' . $row['img_filename'] . '-preview.jpg';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    71
      $mimetype = 'image/jpeg';
9
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
    72
      $ext = "jpg";
0
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    73
      break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    74
    case 'full':
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    75
      $filename = ENANO_ROOT . '/files/' . $row['img_filename'];
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    76
      $ext = get_file_extension($filename);
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    77
      switch($ext)
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    78
      {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    79
        case 'png': $mimetype = 'image/png'; break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    80
        case 'gif': $mimetype = 'image/gif'; break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    81
        case 'bmp': $mimetype = 'image/bmp'; break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    82
        case 'jpg': case 'jpeg': $mimetype = 'image/jpeg'; break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    83
        case 'tif': case 'tiff': $mimetype = 'image/tiff'; break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    84
        default: $mimetype = 'application/octet-stream';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    85
      }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    86
      break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    87
    default:
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    88
      die('PHP...insane...');
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    89
      break;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    90
  }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    91
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    92
  // Make sure we have permission to read this image
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    93
  if ( !$perms->get_permissions('read') )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    94
  {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    95
    $filename = ENANO_ROOT . '/plugins/gallery/denied.png';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    96
    $mimetype = 'image/png';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    97
  }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    98
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
    99
  if ( $row['is_folder'] == '1' )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   100
  {
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   101
    $filename = ENANO_ROOT . '/plugins/gallery/folder.png';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   102
    $mimetype = 'image/png';
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   103
  }
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   104
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   105
  if ( !file_exists($filename) )
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   106
    die('Can\'t retrieve image file ' . $filename);
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   107
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   108
  $contents = file_get_contents($filename);
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   109
  
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   110
  header('Content-type: '   . $mimetype);
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   111
  header('Content-length: ' . strlen($contents));
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   112
  header('Last-Modified: '  . date('r', $row['img_time_mod']));
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   113
  
9
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   114
  if ( isset($_GET['download']) )
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   115
  {
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   116
    // determine an appropriate non-revealing filename
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   117
    $filename = str_replace(' ', '_', $row['img_title']);
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   118
    $filename = preg_replace('/([^\w\._-]+)/', '-', $filename);
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   119
    $filename = trim($filename, '-');
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   120
    $filename .= ".$ext";
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   121
    header('Content-disposition: attachment; filename=' . $filename);
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   122
  }
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   123
  
0
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   124
  echo $contents;
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   125
  
9
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   126
  gzip_output();
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   127
  
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   128
  $db->close();
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   129
  exit;
ebd7003e73c6 Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents: 0
diff changeset
   130
  
0
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   131
}
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   132
7caf561c50ee Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff changeset
   133
?>