diff -r 000000000000 -r 7caf561c50ee plugins/gallery/fetcher.php
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/plugins/gallery/fetcher.php	Wed Jul 25 16:36:26 2007 -0400
@@ -0,0 +1,116 @@
+<?php
+
+/*
+ * Snapr
+ * Version 0.1 beta 1
+ * Copyright (C) 2007 Dan Fuhry
+ *
+ * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ */
+
+##
+## IMAGE FILE FETCHER
+##
+
+$plugins->attachHook('base_classes_initted', '
+  global $paths;
+    $paths->add_page(Array(
+      \'name\'=>\'Image fetcher pagelet\',
+      \'urlname\'=>\'GalleryFetcher\',
+      \'namespace\'=>\'Special\',
+      \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+      ));
+  ');
+
+function page_Special_GalleryFetcher()
+{
+  global $db, $session, $paths, $template, $plugins; // Common objects
+  
+  $type = $paths->getParam(0);
+  if ( !in_array($type, array('thumb', 'preview', 'full')) )
+  {
+    die('Hack attempt');
+  }
+  
+  $id = intval($paths->getParam(1));
+  if ( !$id )
+  {
+    die('Hack attempt');
+  }
+  
+  // Permissions object
+  $perms = $session->fetch_page_acl($id, 'Gallery');
+  
+  if ( !$perms->get_permissions('gal_full_res') && $type == 'full' )
+  {
+    $type = 'preview';
+  }
+  
+  $q = $db->sql_query('SELECT img_filename, img_time_mod, is_folder FROM '.table_prefix.'gallery WHERE img_id=' . $id . ';');
+  if ( !$q )
+    $db->_die();
+  
+  if ( $db->numrows() < 1 )
+    die('Image not found');
+  
+  $row = $db->fetchrow();
+  
+  switch ( $type )
+  {
+    case 'thumb':
+      $filename = ENANO_ROOT . '/cache/' . $row['img_filename'] . '-thumb.jpg';
+      $mimetype = 'image/jpeg';
+      break;
+    case 'preview':
+      $filename = ENANO_ROOT . '/cache/' . $row['img_filename'] . '-preview.jpg';
+      $mimetype = 'image/jpeg';
+      break;
+    case 'full':
+      $filename = ENANO_ROOT . '/files/' . $row['img_filename'];
+      $ext = get_file_extension($filename);
+      switch($ext)
+      {
+        case 'png': $mimetype = 'image/png'; break;
+        case 'gif': $mimetype = 'image/gif'; break;
+        case 'bmp': $mimetype = 'image/bmp'; break;
+        case 'jpg': case 'jpeg': $mimetype = 'image/jpeg'; break;
+        case 'tif': case 'tiff': $mimetype = 'image/tiff'; break;
+        default: $mimetype = 'application/octet-stream';
+      }
+      break;
+    default:
+      die('PHP...insane...');
+      break;
+  }
+  
+  // Make sure we have permission to read this image
+  if ( !$perms->get_permissions('read') )
+  {
+    $filename = ENANO_ROOT . '/plugins/gallery/denied.png';
+    $mimetype = 'image/png';
+  }
+  
+  if ( $row['is_folder'] == '1' )
+  {
+    $filename = ENANO_ROOT . '/plugins/gallery/folder.png';
+    $mimetype = 'image/png';
+  }
+  
+  if ( !file_exists($filename) )
+    die('Can\'t retrieve image file ' . $filename);
+  
+  $contents = file_get_contents($filename);
+  
+  header('Content-type: '   . $mimetype);
+  header('Content-length: ' . strlen($contents));
+  header('Last-Modified: '  . date('r', $row['img_time_mod']));
+  
+  echo $contents;
+  
+}
+
+?>