thumbnail.php 2.6 KB

  1. <?php
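  /**
   * Show the thumbnail.
   *
   * Answers from the query string and the data directory alone: only
   * engine/settings.php and the Composer autoloader are loaded.
   *
   * Query parameters (all supplied by the client):
   *   guid      - cast to int, handed to \Elgg\EntityDirLocator to find the entity directory
   *   blog_guid - cast to int, first part of the image file name
   *   size      - second part of the image file name, restricted to [a-z0-9_] below
   *   icontime  - cast to int, only feeds the ETag
   *
   * Responses: 200 with the JPEG bytes, 304 when If-None-Match carries the
   * current ETag, 404 in every other case.
   *
   * NOTE(review): no session or access check is visible in this file, so a
   * thumbnail is served to anyone who supplies its two GUIDs - confirm that
   * this is intended for blogs that are not public.
   */

  // won't be able to serve anything if no guid
  if (!isset($_GET['guid'], $_GET['blog_guid'])) {
      header("HTTP/1.1 404 Not Found");
      exit;
  }

  $guid = (int) $_GET['guid'];
  $blog_guid = (int) $_GET['blog_guid'];
  // icontime is optional; reading it unguarded raises a notice that can reach
  // the output before the headers when display_errors is on.
  $icontime = isset($_GET['icontime']) ? (int) $_GET['icontime'] : 0;

  // Both GUIDs become part of a file system path; a value below 1 cannot name
  // an entity, so stop here instead of passing it on.
  if ($guid < 1 || $blog_guid < 1) {
      header("HTTP/1.1 404 Not Found");
      exit;
  }

  // size is concatenated into the file name further down. Only a plain token is
  // accepted: a path separator or dot in it would let the request leave the
  // entity's blogs/ directory. Anything else (missing, array, other characters)
  // is treated as the fallback size.
  // NOTE(review): if the set of sizes this plugin writes is fixed, an explicit
  // in_array() allowlist would be tighter than the pattern.
  $size = (isset($_GET['size']) && is_string($_GET['size'])) ? strtolower($_GET['size']) : '';
  if (!preg_match('/\A[a-z0-9_]+\z/', $size)) {
      $size = 'medium';
  }

  // Same ETag means the content has not changed. md5 is only a cache key here,
  // not a security control.
  $etag = md5($icontime . $size . $blog_guid . $guid);
  if (isset($_SERVER["HTTP_IF_NONE_MATCH"])) {
      list ($etag_header) = explode("-", trim($_SERVER["HTTP_IF_NONE_MATCH"], "\""));
      if ($etag_header === $etag) {
          header("HTTP/1.1 304 Not Modified");
          exit;
      }
  }

  $base_dir = dirname(dirname(dirname(dirname(__FILE__))));

  // Get DB settings
  require_once $base_dir . '/engine/settings.php';
  require_once $base_dir . '/vendor/autoload.php';

  global $CONFIG;
  if (isset($CONFIG->dataroot)) {
      $data_root = $CONFIG->dataroot;
  }

  if (!isset($data_root)) {
      // The data directory is not in settings.php, so read it from the datalists table.
      // NOTE(review): the mysql_* extension used below was removed in PHP 7;
      // this lookup needs porting to mysqli or PDO before the file can run there.
      $db_config = new \Elgg\Database\Config($CONFIG);
      if ($db_config->isDatabaseSplit()) {
          $read_settings = $db_config->getConnectionConfig(\Elgg\Database\Config::READ);
      } else {
          $read_settings = $db_config->getConnectionConfig(\Elgg\Database\Config::READ_WRITE);
      }

      // Errors are suppressed on purpose: a failed lookup falls through to the 404 at the end.
      $mysql_dblink = @mysql_connect($read_settings["host"], $read_settings["user"], $read_settings["password"], true);
      if ($mysql_dblink) {
          if (@mysql_select_db($read_settings["database"], $mysql_dblink)) {
              // The query holds no request data; the table prefix comes from the site configuration.
              $q = "SELECT name, value FROM {$db_config->getTablePrefix()}datalists WHERE name = 'dataroot'";
              $result = mysql_query($q, $mysql_dblink);
              if ($result) {
                  while ($row = mysql_fetch_object($result)) {
                      if ($row->name == 'dataroot') {
                          $data_root = $row->value;
                      }
                  }
              }
          }
          // Close the link whenever it was opened, also when selecting the database failed.
          @mysql_close($mysql_dblink);
      }
  }

  if (isset($data_root)) {
      $locator = new \Elgg\EntityDirLocator($guid);
      $entity_path = $data_root . $locator->getPath();

      // $blog_guid is an int and $size passed the pattern check above, so the
      // file name cannot contain a path separator.
      $filename = $entity_path . "blogs/{$blog_guid}{$size}.jpg";
      $filecontents = @file_get_contents($filename);

      // try fallback size
      if (!$filecontents && $size !== "medium") {
          $filename = $entity_path . "blogs/{$blog_guid}medium.jpg";
          $filecontents = @file_get_contents($filename);
      }

      if ($filecontents) {
          $filesize = strlen($filecontents);

          header("Content-type: image/jpeg");
          // The bytes are sent as stored, without inspecting them; keep the
          // browser from guessing a different content type.
          header("X-Content-Type-Options: nosniff");
          header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+6 months")), true);
          header("Pragma: public");
          header("Cache-Control: public");
          header("Content-Length: $filesize");
          header("ETag: \"$etag\"");

          echo $filecontents;
          exit;
      }
  }

  // something went wrong so 404
  header("HTTP/1.1 404 Not Found");
  exit;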