Context Navigation

source: trunk/action.php @ 1643

Last change on this file since 1643 was 1643, checked in by rvelices, 17 years ago
new function set_status_header (set http status code) correction on recent/recent_by_child icons
Property svn:keywords set to `Date Author Rev URL`
File size: 5.3 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $URL: trunk/action.php $
9	// \| last update : $Date: 2006-12-08 00:12:44 +0000 (Fri, 08 Dec 2006) $
10	// \| last modifier : $Author: rvelices $
11	// \| revision : $Rev: 1643 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	define('PHPWG_ROOT_PATH','./');
29	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
30
31	// Check Access and exit when user status is not ok
32	check_status(ACCESS_GUEST);
33
34	function guess_mime_type($ext)
35	{
36	switch ( strtolower($ext) )
37	{
38	case "jpe": case "jpeg":
39	case "jpg": $ctype="image/jpeg"; break;
40	case "png": $ctype="image/png"; break;
41	case "gif": $ctype="image/gif"; break;
42	case "tiff":
43	case "tif": $ctype="image/tiff"; break;
44	case "txt": $ctype="text/plain"; break;
45	case "html":
46	case "htm": $ctype="text/html"; break;
47	case "xml": $ctype="text/xml"; break;
48	case "pdf": $ctype="application/pdf"; break;
49	case "zip": $ctype="application/zip"; break;
50	case "ogg": $ctype="application/ogg"; break;
51	default: $ctype="application/octet-stream";
52	}
53	return $ctype;
54	}
55
56	function do_error( $code, $str )
57	{
58	set_status_header( $code );
59	echo $str ;
60	exit();
61	}
62
63
64	if ( !isset($_GET['id']) or !is_numeric($_GET['id'])
65	or !isset($_GET['part'])
66	or !in_array($_GET['part'], array('t','e','i','h') ) )
67	{
68	do_error(400, 'Invalid request - id/part');
69	}
70
71	$id = $_GET['id'];
72	$query = '
73	SELECT * FROM '. IMAGES_TABLE.'
74	WHERE id='.$id.'
75	;';
76
77	$result = pwg_query($query);
78	$element_info = mysql_fetch_assoc($result);
79	if ( empty($element_info) )
80	{
81	do_error(404, 'Requested id not found');
82	}
83
84	$query='
85	SELECT id FROM '.CATEGORIES_TABLE.'
86	INNER JOIN '.IMAGE_CATEGORY_TABLE.'
87	ON category_id=id
88	WHERE image_id='.$id.'
89	AND category_id NOT IN ('.$user['forbidden_categories'].')
90	LIMIT 1
91	;';
92	if ( mysql_num_rows(pwg_query($query))<1 )
93	{
94	do_error(401, 'Access denied');
95	}
96
97	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
98	$file='';
99	switch ($_GET['part'])
100	{
101	case 't':
102	$file = get_thumbnail_path($element_info);
103	break;
104	case 'e':
105	$file = get_element_path($element_info);
106	break;
107	case 'i':
108	$file = get_image_path($element_info);
109	break;
110	case 'h':
111	if ( $user['enabled_high']!='true' )
112	{
113	do_error(401, 'Access denied h');
114	}
115	$file = get_high_path($element_info);
116	break;
117	}
118
119	if ( empty($file) )
120	{
121	do_error(404, 'Requested file not found');
122	}
123
124	$http_headers = array();
125
126	$ctype = null;
127	if (!url_is_remote($file))
128	{
129	if ( !@is_readable($file) )
130	{
131	do_error(404, "Requested file not found - $file");
132	}
133	$http_headers[] = 'Content-Length: '.@filesize($file);
134	if ( function_exists('mime_content_type') )
135	{
136	$ctype = mime_content_type($file);
137	}
138
139	$gmt_mtime = gmdate('D, d M Y H:i:s', filemtime($file)).' GMT';
140	$http_headers[] = 'Last-Modified: '.$gmt_mtime;
141
142	// following lines would indicate how the client should handle the cache
143	/* $max_age=300;
144	$http_headers[] = 'Expires: '.gmdate('D, d M Y H:i:s', time()+$max_age).' GMT';
145	// HTTP/1.1 only
146	$http_headers[] = 'Cache-Control: private, must-revalidate, max-age='.$max_age;*/
147
148	if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) )
149	{
150	set_status_header(304);
151	foreach ($http_headers as $header)
152	{
153	header( $header );
154	}
155	exit();
156	}
157	}
158
159	if (!isset($ctype))
160	{ // give it a guess
161	$ctype = guess_mime_type( get_extension($file) );
162	}
163
164	$http_headers[] = 'Content-Type: '.$ctype;
165
166	if (!isset($_GET['view']))
167	{
168	$http_headers[] = 'Content-Disposition: attachment; filename="'
169	.basename($file).'";';
170	$http_headers[] = 'Content-Transfer-Encoding: binary';
171	}
172	else
173	{
174	$http_headers[] = 'Content-Disposition: inline; filename="'
175	.basename($file).'";';
176	}
177
178	foreach ($http_headers as $header)
179	{
180	header( $header );
181	}
182
183	// Looking at the safe_mode configuration for execution time
184	if (ini_get('safe_mode') == 0)
185	{
186	@set_time_limit(0);
187	}
188
189	@readfile($file);
190
191	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: