Pman.js

[Pman.Core] / Images.php

diff --git a/Images.php b/Images.php
index c30c140..bfda282 100644 (file)
--- a/Images.php
+++ b/Images.php
@@ -42,7 +42,9 @@ class Pman_Core_Images extends Pman
 {
     
     // tables that do not need authentication checks before serving.
-    var $public_image_tables = array();
+    var $public_image_tables = array(
+        'crm_mailing_list_message'   // we know these are ok...
+    );
     
     var  $sizes = array(
                 '100', 
@@ -75,6 +77,7 @@ class Pman_Core_Images extends Pman
     var $as_mimetype = false;
     var $method = 'inline';
     var $page = false;
+    var $is_local = false;
     
     function get($s, $opts=array()) // determin what to serve!!!!
     {
@@ -83,6 +86,8 @@ class Pman_Core_Images extends Pman
         //   return $this->post();
         //}
         
+        $this->is_local = (!empty($_SERVER['HTTP_HOST']) && $_SERVER['HTTP_HOST'] == 'localhost') ? true : false;
+        
         $this->as_mimetype = empty($_REQUEST['as']) ? '' : $_REQUEST['as'];
         
         $this->page = empty($_REQUEST['page']) ? false : (int) $_REQUEST['page'];
@@ -176,16 +181,18 @@ class Pman_Core_Images extends Pman
             
         }
         
-        
-       
         $img = DB_DataObjecT::factory('Images');
          
         if (!$id || !$img->get($id)) {
             $this->imgErr("image has been removed or deleted.",$s);
         }
         
+        if($this->is_local) {
+            return $this->serve($img);
+        }
+        
         if (!$this->authUser && !in_array($img->ontable,$this->public_image_tables)) {
-           
+            
             if ($img->ontable != 'core_company') {
                 $this->imgErr("not-authenticated {$img->ontable}",$s);
             }
@@ -196,15 +203,13 @@ class Pman_Core_Images extends Pman
             if ($comp->comptype != 'OWNER') {
                 $this->imgErr("not-owner-company",$s);
             }
+            
             return $this->serve($img);
-        
             
         }
         
-        
         if(!$this->hasPermission($img)){
             $this->imgErr("access to this image/file has been denied.",$s);
-            
         }
         
         $this->serve($img);
@@ -224,6 +229,9 @@ class Pman_Core_Images extends Pman
     
     function post($v)
     {
+        if (!empty($_REQUEST['_get'])) {
+            return $this->get($v);
+        }
         
         if (!$this->authUser) {
             $this->jerr("image conversion only allowed by registered users");
@@ -331,6 +339,10 @@ class Pman_Core_Images extends Pman
     }
     function validateSize()
     {
+        if($this->is_local) {
+            return true;
+        }
+        
         if (($this->authUser && !empty($this->authUser->company_id) && $this->authUser->company()->comptype=='OWNER')
             || $_SERVER['SERVER_ADDR'] == $_SERVER['REMOTE_ADDR']) {
             return true;
@@ -465,7 +477,8 @@ class Pman_Core_Images extends Pman
         $id = $umatch[2];
         $hash = '';
         if (!empty($umatch[3]) && strpos($umatch[3],'#')) {
-            $hash = '#'. array_pop(explode('#',$umatch[3]));
+            $hh = explode('#',$umatch[3]);
+            $hash = '#'. array_pop($hh);
         }
         
         
@@ -525,7 +538,6 @@ class Pman_Core_Images extends Pman
     
     function downloadEvent($bits)
     {
-//        $popts = PEAR::getStaticProperty('Pman','options');
         $ev = DB_DAtaObject::Factory('events');
         if (!$ev->get($bits[1])) {
             die("could not find event id");
@@ -539,15 +551,7 @@ class Pman_Core_Images extends Pman
         }
         $ff = HTML_FlexyFramework::get();
         
-        $file = false;
-        
-        if (!empty($ff->Pman['storedir'])) {
-            $file = $ff->Pman['storedir']. '/Events/'. $user. date('/Y/m/d/',strtotime($ev->event_when)). $ev->id . ".json";
-        }
-        // DEPRICATED... 
-        if (!empty($ff->Pman['event_log_dir'])) {
-            $file = $ff->Pman['event_log_dir']. '/'. $user. date('/Y/m/d/',strtotime($ev->event_when)). $ev->id . ".json";
-        }
+        $file = $ev->logDir() . date('/Y/m/d/',strtotime($ev->event_when)). $ev->id . ".json";
         
         if(!$file || !file_exists($file)){
             die("file was not saved");
@@ -560,16 +564,8 @@ class Pman_Core_Images extends Pman
                 continue;
             }
 
-            $src = false;
+            $src = $file = $ev->logDir() . date('/Y/m/d/', strtotime($ev->event_when)).  $f->tmp_name ;
             
-            if (!empty($ff->Pman['storedir'])) {
-                $src = $ff->Pman['storedir']. '/Events/'. $user. date('/Y/m/d/', strtotime($ev->event_when)).  $f->tmp_name ;
-            }
-            // DEPRICATED... 
-            if (!empty($ff->Pman['event_log_dir'])) {
-                $src = $ff->Pman['event_log_dir']. '/'. $user. date('/Y/m/d/', strtotime($ev->event_when)).  $f->tmp_name ;
-            }
-
             if (!$src || !file_exists($src)) {
                 die("file was not saved");
             }