source: extensions/download_by_size/action.php @ 23324

Last change on this file since 23324 was 23324, checked in by plg, 7 years ago

suffix filename with width x height when photo is not the original

File size: 6.9 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2013 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24/**
25 * This file is a duplicate of core action.php, I have only change
26 * PHPWG_ROOT_PATH and added a few lines between "//---- specific download_by_size, start"
27 * and "//---- specific download_by_size, end"
28 */
29
30define('PHPWG_ROOT_PATH','../../'); // path
31session_cache_limiter('public');
32include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
33
34// Check Access and exit when user status is not ok
35check_status(ACCESS_GUEST);
36
37function guess_mime_type($ext)
38{
39  switch ( strtolower($ext) )
40  {
41    case "jpe": case "jpeg":
42    case "jpg": $ctype="image/jpeg"; break;
43    case "png": $ctype="image/png"; break;
44    case "gif": $ctype="image/gif"; break;
45    case "tiff":
46    case "tif": $ctype="image/tiff"; break;
47    case "txt": $ctype="text/plain"; break;
48    case "html":
49    case "htm": $ctype="text/html"; break;
50    case "xml": $ctype="text/xml"; break;
51    case "pdf": $ctype="application/pdf"; break;
52    case "zip": $ctype="application/zip"; break;
53    case "ogg": $ctype="application/ogg"; break;
54    default: $ctype="application/octet-stream";
55  }
56  return $ctype;
57}
58
59function do_error( $code, $str )
60{
61  set_status_header( $code );
62  echo $str ;
63  exit();
64}
65
66
67if (!isset($_GET['id'])
68    or !is_numeric($_GET['id'])
69    or !isset($_GET['part'])
70    or !in_array($_GET['part'], array('e','r') ) )
71{
72  do_error(400, 'Invalid request - id/part');
73}
74
75$query = '
76SELECT * FROM '. IMAGES_TABLE.'
77  WHERE id='.$_GET['id'].'
78;';
79
80$element_info = pwg_db_fetch_assoc(pwg_query($query));
81if ( empty($element_info) )
82{
83  do_error(404, 'Requested id not found');
84}
85
86// $filter['visible_categories'] and $filter['visible_images']
87// are not used because it's not necessary (filter <> restriction)
88$query='
89SELECT id
90  FROM '.CATEGORIES_TABLE.'
91    INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON category_id = id
92  WHERE image_id = '.$_GET['id'].'
93'.get_sql_condition_FandF(
94  array(
95      'forbidden_categories' => 'category_id',
96      'forbidden_images' => 'image_id',
97    ),
98  '    AND'
99  ).'
100  LIMIT 1
101;';
102if ( pwg_db_num_rows(pwg_query($query))<1 )
103{
104  do_error(401, 'Access denied');
105}
106
107include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
108$file='';
109switch ($_GET['part'])
110{
111  case 'e':
112    //---- specific download_by_size, start
113    if (isset($_GET['size']))
114    {
115      if (!in_array($_GET['size'], array_keys(ImageStdParams::get_defined_type_map())))
116      {
117        die('Hacking attempt: unknown size');
118      }
119     
120      $deriv = new DerivativeImage($_GET['size'], new SrcImage($element_info));
121      if (!file_exists($deriv->get_path()))
122      {
123        include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
124       
125        set_make_full_url();
126        fetchRemote($deriv->get_url().'&ajaxload=true', $dest);
127        unset_make_full_url();
128      }
129      $file = $deriv->get_path();
130      $size = $deriv->get_size();
131
132      // change the name of the file for download, suffix with _widthxheight before the extension
133      $basename = get_filename_wo_extension($element_info['file']);
134      $extension = get_extension($element_info['file']);
135      $element_info['file'] = $basename.'_'.$size[0].'x'.$size[1].'.'.$extension;
136    }
137    else
138    {
139    //---- specific download_by_size, end
140    if ( !$user['enabled_high'] )
141    {
142      $deriv = new DerivativeImage(IMG_XXLARGE, new SrcImage($element_info));
143      if ( !$deriv->same_as_source() )
144      {
145        do_error(401, 'Access denied e');
146      }
147    }
148    $file = get_element_path($element_info);
149    //---- specific download_by_size, start
150    }
151    //---- specific download_by_size, end
152   
153    break;
154  case 'r':
155    $file = original_to_representative( get_element_path($element_info), $element_info['representative_ext'] );
156    break;
157}
158
159if ( empty($file) )
160{
161  do_error(404, 'Requested file not found');
162}
163
164if ($_GET['part'] == 'e') {
165  pwg_log($_GET['id'], 'high');
166}
167else if ($_GET['part'] == 'e')
168{
169  pwg_log($_GET['id'], 'other');
170}
171
172$http_headers = array();
173
174$ctype = null;
175if (!url_is_remote($file))
176{
177  if ( !@is_readable($file) )
178  {
179    do_error(404, "Requested file not found - $file");
180  }
181  $http_headers[] = 'Content-Length: '.@filesize($file);
182  if ( function_exists('mime_content_type') )
183  {
184    $ctype = mime_content_type($file);
185  }
186
187  $gmt_mtime = gmdate('D, d M Y H:i:s', filemtime($file)).' GMT';
188  $http_headers[] = 'Last-Modified: '.$gmt_mtime;
189
190  // following lines would indicate how the client should handle the cache
191  /* $max_age=300;
192  $http_headers[] = 'Expires: '.gmdate('D, d M Y H:i:s', time()+$max_age).' GMT';
193  // HTTP/1.1 only
194  $http_headers[] = 'Cache-Control: private, must-revalidate, max-age='.$max_age;*/
195
196  if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) )
197  {
198    set_status_header(304);
199    foreach ($http_headers as $header)
200    {
201      header( $header );
202    }
203    exit();
204  }
205}
206
207if (!isset($ctype))
208{ // give it a guess
209  $ctype = guess_mime_type( get_extension($file) );
210}
211
212$http_headers[] = 'Content-Type: '.$ctype;
213
214if (isset($_GET['download']))
215{
216  $http_headers[] = 'Content-Disposition: attachment; filename="'.$element_info['file'].'";';
217  $http_headers[] = 'Content-Transfer-Encoding: binary';
218}
219else
220{
221  $http_headers[] = 'Content-Disposition: inline; filename="'
222            .basename($file).'";';
223}
224
225foreach ($http_headers as $header)
226{
227  header( $header );
228}
229
230// Looking at the safe_mode configuration for execution time
231if (ini_get('safe_mode') == 0)
232{
233  @set_time_limit(0);
234}
235
236@readfile($file);
237
238?>
Note: See TracBrowser for help on using the repository browser.