Changeset 1616 for trunk/action.php


Ignore:
Timestamp:
Nov 22, 2006, 3:57:41 AM (17 years ago)
Author:
rvelices
Message:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/action.php

    r1612 r1616  
    8383}
    8484
    85 // TODO - check permissions
     85$query='
     86SELECT id FROM '.CATEGORIES_TABLE.'
     87  INNER JOIN '.IMAGE_CATEGORY_TABLE.'
     88  ON category_id=id
     89  WHERE image_id='.$id.'
     90  AND category_id NOT IN ('.$user['forbidden_categories'].')
     91  LIMIT 1
     92;';
     93if ( mysql_num_rows(pwg_query($query))<1 )
     94{
     95  do_error(401, 'Access denied');
     96}
    8697
    8798include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
     
    99110    break;
    100111  case 'h':
     112    if ( $user['enabled_high']!='true' )
     113    {
     114      do_error(401, 'Access denied h');
     115    }
    101116    $file = get_high_path($element_info);
    102117    break;
     
    122137    $ctype = mime_content_type($file);
    123138  }
     139
     140  $gmt_mtime = gmdate('D, d M Y H:i:s', filemtime($file)).' GMT';
     141  $http_headers[] = 'Last-Modified: '.$gmt_mtime;
     142
     143  // following lines would indicate how the client should handle the cache
     144  /* $max_age=300;
     145  $http_headers[] = 'Expires: '.gmdate('D, d M Y H:i:s', time()+$max_age).' GMT';
     146  // HTTP/1.1 only
     147  $http_headers[] = 'Cache-Control: private, must-revalidate, max-age='.$max_age;*/
     148
     149  if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) )
     150  {
     151    header("HTTP/1.1 304 Not modified ");
     152    header("Status: 304 Not modified");
     153    foreach ($http_headers as $header)
     154    {
     155      header( $header );
     156    }
     157    exit();
     158  }
    124159}
     160
    125161if (!isset($ctype))
    126162{ // give it a guess
     
    136172  $http_headers[] = 'Content-Transfer-Encoding: binary';
    137173}
    138 $http_headers[] = 'Pragma: public';
    139 $http_headers[] = 'Expires: 0';
    140 $http_headers[] = 'Cache-Control: must-revalidate, post-check=0, pre-check=0';
    141 
     174else
     175{
     176  $http_headers[] = 'Content-Disposition: inline; filename="'
     177            .basename($file).'";';
     178}
    142179
    143180foreach ($http_headers as $header)
     
    145182  header( $header );
    146183}
    147 header("Cache-Control: private",false); //???
    148184
    149185// Looking at the safe_mode configuration for execution time
Note: See TracChangeset for help on using the changeset viewer.