harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

enforce the new enhanced permissions (not just simple access controls) on photos - caveat: the default profile photo cannot be restricted. Any such restrictions will be ignored.

Browse Source
This commit is contained in:
friendica 2013-01-30 19:52:07 -08:00
parent 3d06f3964f
commit 2f9a9ec8b1
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
mod/photo.php
View File

@ -22,13 +22,15 @@ function photo_init(&$a) {
// NOTREACHED // NOTREACHED
} }
$observer_xchan = get_observer_hash();
$default = 'images/person-175.jpg'; $default = 'images/person-175.jpg';
if(isset($type)) { if(isset($type)) {
/** /**
* Profile photos * Profile photos - Access controls on default profile photos are not honoured since they need to be exchanged with remote sites.
*
*/ */
if($type === 'profile') { if($type === 'profile') {
@ -84,8 +86,10 @@ function photo_init(&$a) {
dbesc($photo), dbesc($photo),
intval($resolution) intval($resolution)
); );
if(count($r)) { if($r) {
$allowed = perm_is_allowed($r[0]['uid'],$observer_xchan,'view_photos');
$sql_extra = permissions_sql($r[0]['uid']); $sql_extra = permissions_sql($r[0]['uid']);
// Now we'll see if we can access the photo // Now we'll see if we can access the photo
@ -95,7 +99,7 @@ function photo_init(&$a) {
intval($resolution) intval($resolution)
); );
if(count($r)) { if($r && $allowed) {
$data = $r[0]['data']; $data = $r[0]['data'];
$mimetype = $r[0]['type']; $mimetype = $r[0]['type'];
} }
@ -113,7 +117,7 @@ function photo_init(&$a) {
dbesc($photo), dbesc($photo),
intval($resolution) intval($resolution)
); );
if(count($r)) { if($r) {
$data = file_get_contents('images/nosign.jpg'); $data = file_get_contents('images/nosign.jpg');
$mimetype = 'image/jpeg'; $mimetype = 'image/jpeg';
$prvcachecontrol = true; $prvcachecontrol = true;