source: trunk/action.php @ 1612

Last change on this file since 1612 was 1612, checked in by rvelices, 17 years ago
  • plugins can have full control over the path/url of the element/image/

thumbnail/high (it is possible now to have secure images, on the fly
watermarking, mod download and media integrator plugins working together in
any combination and without touching PWG core)
  • Property svn:keywords set to Date Author Rev URL
File size: 4.5 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $URL: trunk/action.php $
9// | last update   : $Date: 2006-11-17 04:26:10 +0000 (Fri, 17 Nov 2006) $
10// | last modifier : $Author: rvelices $
11// | revision      : $Rev: 1612 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28define('PHPWG_ROOT_PATH','./');
29include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
30
31// Check Access and exit when user status is not ok
32check_status(ACCESS_GUEST);
33
34function guess_mime_type($ext)
35{
36  switch ( strtolower($ext) )
37  {
38    case "jpe": case "jpeg":
39    case "jpg": $ctype="image/jpeg"; break;
40    case "png": $ctype="image/png"; break;
41    case "gif": $ctype="image/gif"; break;
42    case "tiff":
43    case "tif": $ctype="image/tiff"; break;
44    case "txt": $ctype="text/plain"; break;
45    case "html":
46    case "htm": $ctype="text/html"; break;
47    case "xml": $ctype="text/xml"; break;
48    case "pdf": $ctype="application/pdf"; break;
49    case "zip": $ctype="application/zip"; break;
50    case "ogg": $ctype="application/ogg"; break;
51    default: $ctype="application/octet-stream";
52  }
53  return $ctype;
54}
55
56function do_error( $code, $str )
57{
58  header("HTTP/1.1 $code ");
59  header("Status: $code ");
60  echo $str ;
61  exit();
62}
63
64
65if ( !isset($_GET['id']) or !is_numeric($_GET['id'])
66    or !isset($_GET['part'])
67    or !in_array($_GET['part'], array('t','e','i','h') ) )
68{
69  do_error(400, 'Invalid request - id/part');
70}
71
72$id = $_GET['id'];
73$query = '
74SELECT * FROM '. IMAGES_TABLE.'
75  WHERE id='.$id.'
76;';
77
78$result = pwg_query($query);
79$element_info = mysql_fetch_assoc($result);
80if ( empty($element_info) )
81{
82  do_error(404, 'Requested id not found');
83}
84
85// TODO - check permissions
86
87include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
88$file='';
89switch ($_GET['part'])
90{
91  case 't':
92    $file = get_thumbnail_path($element_info);
93    break;
94  case 'e':
95    $file = get_element_path($element_info);
96    break;
97  case 'i':
98    $file = get_image_path($element_info);
99    break;
100  case 'h':
101    $file = get_high_path($element_info);
102    break;
103}
104
105if ( empty($file) )
106{
107  do_error(404, 'Requested file not found');
108}
109
110$http_headers = array();
111
112$ctype = null;
113if (!url_is_remote($file))
114{
115  if ( !@is_readable($file) )
116  {
117    do_error(404, "Requested file not found - $file");
118  }
119  $http_headers[] = 'Content-Length: '.@filesize($file);
120  if ( function_exists('mime_content_type') )
121  {
122    $ctype = mime_content_type($file);
123  }
124}
125if (!isset($ctype))
126{ // give it a guess
127  $ctype = guess_mime_type( get_extension($file) );
128}
129
130$http_headers[] = 'Content-Type: '.$ctype;
131
132if (!isset($_GET['view']))
133{
134  $http_headers[] = 'Content-Disposition: attachment; filename="'
135            .basename($file).'";';
136  $http_headers[] = 'Content-Transfer-Encoding: binary';
137}
138$http_headers[] = 'Pragma: public';
139$http_headers[] = 'Expires: 0';
140$http_headers[] = 'Cache-Control: must-revalidate, post-check=0, pre-check=0';
141
142
143foreach ($http_headers as $header)
144{
145  header( $header );
146}
147header("Cache-Control: private",false); //???
148
149// Looking at the safe_mode configuration for execution time
150if (ini_get('safe_mode') == 0)
151{
152  @set_time_limit(0);
153}
154
155@readfile($file);
156
157?>
Note: See TracBrowser for help on using the repository browser.