From 8ffc128d193929d9197af705974862b92a85a0fb Mon Sep 17 00:00:00 2001 From: Malf Furious Date: Thu, 31 Mar 2016 21:26:52 -0400 Subject: Add heads() function to file.php This function asserts that the requester is logged in and that the file exists before either fpassthru()-ing the contents or returning early. --- app/file.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'app/file.php') diff --git a/app/file.php b/app/file.php index 17044f3..3c34a89 100644 --- a/app/file.php +++ b/app/file.php @@ -25,6 +25,30 @@ class Resource extends Framework case "img/heads": $this->heads($file); break; } } + + /* + * Request a user head (user image) + * Requester must be currently logged in + */ + function heads($file) + { + if (!$this->getCurrentUser()) + return; + + if (!file_exists("assets/img/heads/" . $file)) + $file = "null.jpg"; + + $file = "assets/img/heads/" . $file; + $f = fopen($file, "rb"); + + if (!$f) + return; + + header("Content-type: " . mime_content_type($file)); + header("Content-length: " . filesize($file)); + fpassthru($f); + fclose($f); + } } $res = new Resource(); -- cgit v1.2.3