X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=blobdiff_plain;f=Images.php;h=bfda2826ca553b7843eda775815488e85a9443ac;hp=51ec17f5a543a3111ac389c526e31af3711edcdd;hb=refs%2Fheads%2Fwip_alan_T6343_generic_progress_bar_delete;hpb=f4b02f05fe9f3dd4f557554e5794a890c359c197 diff --git a/Images.php b/Images.php index 51ec17f5..bfda2826 100644 --- a/Images.php +++ b/Images.php @@ -2,6 +2,9 @@ /** * Deal with image delivery and HTML replacement of image links in body text. * + * + * NOTE THIS WAS NEVER INTENDED FOR PUBLIC IMAGE DISTRIBUTION - we need to create a seperate file for that... + * * $str = Pman_Core_Images::replaceImg($str); // < use with HTML * * or @@ -39,9 +42,22 @@ class Pman_Core_Images extends Pman { // tables that do not need authentication checks before serving. - var $public_image_tables = array(); - + var $public_image_tables = array( + 'crm_mailing_list_message' // we know these are ok... + ); + var $sizes = array( + '100', + '100x100', + '150', + '150x150', + '200', + '200x0', + '200x200', + '400x0', + '300x100', + '500' + ); function getAuth() { parent::getAuth(); // load company! @@ -60,6 +76,8 @@ class Pman_Core_Images extends Pman var $thumb = false; var $as_mimetype = false; var $method = 'inline'; + var $page = false; + var $is_local = false; function get($s, $opts=array()) // determin what to serve!!!! { @@ -68,8 +86,12 @@ class Pman_Core_Images extends Pman // return $this->post(); //} + $this->is_local = (!empty($_SERVER['HTTP_HOST']) && $_SERVER['HTTP_HOST'] == 'localhost') ? true : false; + $this->as_mimetype = empty($_REQUEST['as']) ? '' : $_REQUEST['as']; + $this->page = empty($_REQUEST['page']) ? false : (int) $_REQUEST['page']; + $bits= explode('/', $s); $id = 0; // var_dump($bits);die('in'); @@ -159,16 +181,18 @@ class Pman_Core_Images extends Pman } - - $img = DB_DataObjecT::factory('Images'); if (!$id || !$img->get($id)) { - $this->imgErr("image has been removed or deleted.",$s); + $this->imgErr("image has been removed or deleted.",$s); + } + + if($this->is_local) { + return $this->serve($img); } if (!$this->authUser && !in_array($img->ontable,$this->public_image_tables)) { - + if ($img->ontable != 'core_company') { $this->imgErr("not-authenticated {$img->ontable}",$s); } @@ -179,15 +203,13 @@ class Pman_Core_Images extends Pman if ($comp->comptype != 'OWNER') { $this->imgErr("not-owner-company",$s); } + return $this->serve($img); - } - if(!$this->hasPermission($img)){ $this->imgErr("access to this image/file has been denied.",$s); - } $this->serve($img); @@ -207,6 +229,9 @@ class Pman_Core_Images extends Pman function post($v) { + if (!empty($_REQUEST['_get'])) { + return $this->get($v); + } if (!$this->authUser) { $this->jerr("image conversion only allowed by registered users"); @@ -299,7 +324,12 @@ class Pman_Core_Images extends Pman $this->validateSize(); } - $x->convert( $this->as_mimetype, $this->size); + if(!empty($this->page) && !is_nan($this->page * 1)){ + $x->convert( $this->as_mimetype, $this->size, 0, $this->page); + } else { + $x->convert( $this->as_mimetype, $this->size); + } + $x->serve(); exit; @@ -309,6 +339,10 @@ class Pman_Core_Images extends Pman } function validateSize() { + if($this->is_local) { + return true; + } + if (($this->authUser && !empty($this->authUser->company_id) && $this->authUser->company()->comptype=='OWNER') || $_SERVER['SERVER_ADDR'] == $_SERVER['REMOTE_ADDR']) { return true; @@ -317,18 +351,7 @@ class Pman_Core_Images extends Pman $ff = HTML_FlexyFramework::get(); - $sizes = array( - '100', - '100x100', - '150', - '150x150', - '200', - '200x0', - '200x200', - '400x0', - '300x100', - '500' - ); + $sizes= $this->sizes; $cfg = isset($ff->Pman_Images) ? $ff->Pman_Images : (isset($ff->Pman_Core_Images) ? $ff->Pman_Core_Images : array()); @@ -454,7 +477,8 @@ class Pman_Core_Images extends Pman $id = $umatch[2]; $hash = ''; if (!empty($umatch[3]) && strpos($umatch[3],'#')) { - $hash = '#'. array_pop(explode('#',$umatch[3])); + $hh = explode('#',$umatch[3]); + $hash = '#'. array_pop($hh); } @@ -514,7 +538,6 @@ class Pman_Core_Images extends Pman function downloadEvent($bits) { - $popts = PEAR::getStaticProperty('Pman','options'); $ev = DB_DAtaObject::Factory('events'); if (!$ev->get($bits[1])) { die("could not find event id"); @@ -527,18 +550,23 @@ class Pman_Core_Images extends Pman $user = getenv('USERNAME'); // windows. } $ff = HTML_FlexyFramework::get(); - $file = $ff->Pman['event_log_dir']. '/'. $user. date('/Y/m/d/',strtotime($ev->event_when)). $ev->id . ".json"; + + $file = $ev->logDir() . date('/Y/m/d/',strtotime($ev->event_when)). $ev->id . ".json"; + + if(!$file || !file_exists($file)){ + die("file was not saved"); + } + $filesJ = json_decode(file_get_contents($file)); - //print_r($filesJ); - foreach($filesJ->FILES as $k=>$f){ if ($f->tmp_name != $bits[2]) { continue; } - $src = $ff->Pman['event_log_dir']. '/'. $user. date('/Y/m/d/', strtotime($ev->event_when)). $f->tmp_name ; - if (!file_exists($src)) { + $src = $file = $ev->logDir() . date('/Y/m/d/', strtotime($ev->event_when)). $f->tmp_name ; + + if (!$src || !file_exists($src)) { die("file was not saved"); } header ('Content-Type: ' . $f->type);