author | Dan |
Thu, 29 Nov 2007 22:47:20 -0500 | |
changeset 16 | 36dd990c0c25 |
parent 9 | ebd7003e73c6 |
child 25 | d9f37d2ea2cf |
permissions | -rw-r--r-- |
0
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
1 |
<?php |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
2 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
3 |
/* |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
4 |
* Snapr |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
5 |
* Version 0.1 beta 1 |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
6 |
* Copyright (C) 2007 Dan Fuhry |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
7 |
* |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
10 |
* |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
13 |
*/ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
14 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
15 |
## |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
16 |
## IMAGE FILE FETCHER |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
17 |
## |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
18 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
19 |
$plugins->attachHook('base_classes_initted', ' |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
20 |
global $paths; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
21 |
$paths->add_page(Array( |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
22 |
\'name\'=>\'Image fetcher pagelet\', |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
23 |
\'urlname\'=>\'GalleryFetcher\', |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
24 |
\'namespace\'=>\'Special\', |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
25 |
\'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
26 |
)); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
27 |
'); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
28 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
29 |
function page_Special_GalleryFetcher() |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
30 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
31 |
global $db, $session, $paths, $template, $plugins; // Common objects |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
32 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
33 |
$type = $paths->getParam(0); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
34 |
if ( !in_array($type, array('thumb', 'preview', 'full')) ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
35 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
36 |
die('Hack attempt'); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
37 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
38 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
39 |
$id = intval($paths->getParam(1)); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
40 |
if ( !$id ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
41 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
42 |
die('Hack attempt'); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
43 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
44 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
45 |
// Permissions object |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
46 |
$perms = $session->fetch_page_acl($id, 'Gallery'); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
47 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
48 |
if ( !$perms->get_permissions('gal_full_res') && $type == 'full' ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
49 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
50 |
$type = 'preview'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
51 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
52 |
|
9
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
53 |
$q = $db->sql_query('SELECT img_title, img_filename, img_time_mod, is_folder FROM '.table_prefix.'gallery WHERE img_id=' . $id . ';'); |
0
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
54 |
if ( !$q ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
55 |
$db->_die(); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
56 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
57 |
if ( $db->numrows() < 1 ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
58 |
die('Image not found'); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
59 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
60 |
$row = $db->fetchrow(); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
61 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
62 |
switch ( $type ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
63 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
64 |
case 'thumb': |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
65 |
$filename = ENANO_ROOT . '/cache/' . $row['img_filename'] . '-thumb.jpg'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
66 |
$mimetype = 'image/jpeg'; |
9
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
67 |
$ext = "jpg"; |
0
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
68 |
break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
69 |
case 'preview': |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
70 |
$filename = ENANO_ROOT . '/cache/' . $row['img_filename'] . '-preview.jpg'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
71 |
$mimetype = 'image/jpeg'; |
9
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
72 |
$ext = "jpg"; |
0
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
73 |
break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
74 |
case 'full': |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
75 |
$filename = ENANO_ROOT . '/files/' . $row['img_filename']; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
76 |
$ext = get_file_extension($filename); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
77 |
switch($ext) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
78 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
79 |
case 'png': $mimetype = 'image/png'; break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
80 |
case 'gif': $mimetype = 'image/gif'; break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
81 |
case 'bmp': $mimetype = 'image/bmp'; break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
82 |
case 'jpg': case 'jpeg': $mimetype = 'image/jpeg'; break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
83 |
case 'tif': case 'tiff': $mimetype = 'image/tiff'; break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
84 |
default: $mimetype = 'application/octet-stream'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
85 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
86 |
break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
87 |
default: |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
88 |
die('PHP...insane...'); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
89 |
break; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
90 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
91 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
92 |
// Make sure we have permission to read this image |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
93 |
if ( !$perms->get_permissions('read') ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
94 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
95 |
$filename = ENANO_ROOT . '/plugins/gallery/denied.png'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
96 |
$mimetype = 'image/png'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
97 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
98 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
99 |
if ( $row['is_folder'] == '1' ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
100 |
{ |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
101 |
$filename = ENANO_ROOT . '/plugins/gallery/folder.png'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
102 |
$mimetype = 'image/png'; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
103 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
104 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
105 |
if ( !file_exists($filename) ) |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
106 |
die('Can\'t retrieve image file ' . $filename); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
107 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
108 |
$contents = file_get_contents($filename); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
109 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
110 |
header('Content-type: ' . $mimetype); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
111 |
header('Content-length: ' . strlen($contents)); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
112 |
header('Last-Modified: ' . date('r', $row['img_time_mod'])); |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
113 |
|
9
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
114 |
if ( isset($_GET['download']) ) |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
115 |
{ |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
116 |
// determine an appropriate non-revealing filename |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
117 |
$filename = str_replace(' ', '_', $row['img_title']); |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
118 |
$filename = preg_replace('/([^\w\._-]+)/', '-', $filename); |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
119 |
$filename = trim($filename, '-'); |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
120 |
$filename .= ".$ext"; |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
121 |
header('Content-disposition: attachment; filename=' . $filename); |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
122 |
} |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
123 |
|
0
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
124 |
echo $contents; |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
125 |
|
9
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
126 |
gzip_output(); |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
127 |
|
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
128 |
$db->close(); |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
129 |
exit; |
ebd7003e73c6
Snapr now works with Enano's HTML/gzip optimization switches (1.0 compatibility broken, need 1.0.1 now)
Dan
parents:
0
diff
changeset
|
130 |
|
0
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
131 |
} |
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
132 |
|
7caf561c50ee
Initial population; browser, viewer, uploader, and security are working
Dan
parents:
diff
changeset
|
133 |
?> |