diff options
| author | Horus3 | 2014-10-05 22:00:36 +0200 |
|---|---|---|
| committer | Horus3 | 2014-10-05 22:00:36 +0200 |
| commit | 1851c3a180eafb4563a9f6e4dd40fcc5e925896a (patch) | |
| tree | 7e3f2c85b7297bdeaf34fac2faf8424908c8bde5 /foto/protected.php | |
| parent | 80fb01db10054baf2c4c6e70a677e429fe5c34ee (diff) | |
| download | jungegemeinde-1851c3a180eafb4563a9f6e4dd40fcc5e925896a.tar.gz | |
Experimental support for image uploading.
Diffstat (limited to 'foto/protected.php')
| -rw-r--r-- | foto/protected.php | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/foto/protected.php b/foto/protected.php new file mode 100644 index 0000000..c70772d --- /dev/null +++ b/foto/protected.php @@ -0,0 +1,25 @@ +<?php + +lredirect("index"); + +if ( ! isset($_GET["type"]) || ! isset($_GET["id"]) ) + exit; + +switch($_GET["type"]){ + case("image"): + $sql = $db->prepare("SELECT name, mime, size, hash FROM " . DBPREFIX . "image WHERE id = %s;", $_GET["id"]); + $result = $db->doQuery($sql); + $f = $result->fetch_array(MYSQLI_ASSOC); + if ( ! file_exists(IMAGE_PATH . $f["hash"] . ".gz") ){ + header($_SERVER["HTTP_PROTOCOL"] . " 404 Not Found"); + } else { + header("Content-Type: " . $f["mime"]); + header("Content-Disposition: inline; filename=".$f["name"]); + header("Content-Length: " . $f["size"]); + + readgzfile(IMAGE_PATH . $f["hash"] . ".gz"); + } + break; + default: + header($_SERVER["HTTP_PROTOCOL"] . " 404 Not Found"); +} |