plugins/SpecialUpdownload.php
changeset 231 b11a2f1353c0
parent 230 3daa715e0f69
child 242 78a94f7bb5e3
child 292 b3cfaf0a505c
equal deleted inserted replaced
229:97ae8e9d5e29 231:b11a2f1353c0
   233   {
   233   {
   234     die_friendly('Access denied', '<p>Access to the specified file is denied.</p>');
   234     die_friendly('Access denied', '<p>Access to the specified file is denied.</p>');
   235   }
   235   }
   236   
   236   
   237   $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];
   237   $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];
   238   $data = file_get_contents($fname);
   238   
   239   if(isset($_GET['preview']) && getConfig('enable_imagemagick')=='1' && file_exists(getConfig('imagemagick_path')) && substr($row['mimetype'], 0, 6) == 'image/')
   239   if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' )
   240   {
   240   {
   241     $nam = tempnam('/tmp', $filename);
   241     // Determine appropriate width and height
   242     $h = @fopen($nam, 'w');
   242     $width  = ( isset($_GET['width'])  ) ? intval($_GET['width'] ) : 320;
   243     if(!$h) die('Error opening '.$nam.' for writing');
   243     $height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
   244     fwrite($h, $data);
   244     $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}{$row['file_extension']}";
   245     fclose($h);
   245     if ( file_exists($cache_filename) )
   246     /* Make sure the request doesn't contain commandline injection - yow! */
   246     {
   247     if(!isset($_GET['width' ]) || (isset($_GET['width'] ) && !preg_match('#^([0-9]+)$#', $_GET['width']  ))) $width  = '320'; else $width  = $_GET['width' ];
   247       $fname = $cache_filename;
   248     if(!isset($_GET['height']) || (isset($_GET['height']) && !preg_match('#^([0-9]+)$#', $_GET['height'] ))) $height = '240'; else $height = $_GET['height'];
   248     }
   249     $cache_filename=ENANO_ROOT.'/cache/'.$filename.'-'.$row['time_id'].'-'.$width.'x'.$height.$row['file_extension'];
   249     else
   250     if(getConfig('cache_thumbs')=='1' && file_exists($cache_filename) && is_writable(ENANO_ROOT.'/cache')) {
   250     {
   251       $data = file_get_contents($cache_filename);
   251       $allow_scale = false;
   252     } elseif(getConfig('enable_imagemagick')=='1' && file_exists(getConfig('imagemagick_path'))) {
   252       $orig_fname = $fname;
   253       // Use ImageMagick to convert the image
   253       // is caching enabled?
   254       //unlink($nam);
   254       if ( getConfig('cache_thumbs') == '1' )
   255       error_reporting(E_ALL);
   255       {
   256       $cmd = ''.getConfig('imagemagick_path').' "'.$nam.'" -resize "'.$width.'x'.$height.'>" "'.$nam.'.scaled'.$row['file_extension'].'"';
   256         $fname = $cache_filename;
   257       system($cmd, $stat);
   257         if ( is_writeable(dirname($fname)) )
   258       if(!file_exists($nam.'.scaled'.$row['file_extension'])) die('Failed to call ImageMagick (return value '.$stat.'), command line was:<br />'.$cmd);
   258         {
   259       $data = file_get_contents($nam.'.scaled'.$row['file_extension']);
   259           $allow_scale = true;
   260       // Be stingy about it - better to re-generate the image hundreds of times than to fail completely
   260         }
   261       if(getConfig('cache_thumbs')=='1' && !file_exists($cache_filename)) {
   261       }
   262         // Write the generated thumbnail to the cache directory
   262       else
   263         $h = @fopen($cache_filename, 'w');
   263       {
   264         if(!$h) die('Error opening cache file "'.$cache_filename.'" for writing.');
   264         // Get a temporary file
   265         fwrite($h, $data);
   265         // In this case, the file will not be cached and will be scaled each time it's requested
   266         fclose($h);
   266         $temp_dir = ( is_dir('/tmp') ) ? '/tmp' : ( isset($_ENV['TEMP']) ) ? $_ENV['TEMP'] : 'SOME RANDOM NAME';
   267       }
   267         // if tempnam() cannot use the specified directory name, it will fall back on the system default
   268     }
   268         $tempname = tempnam($temp_dir, $filename);
   269     unlink($nam);
   269         if ( $tempname && is_writeable($tempname) )
   270   }
   270         {
   271   $len = strlen($data);
   271           $allow_scale = true;
       
   272         }
       
   273       }
       
   274       if ( $allow_scale )
       
   275       {
       
   276         $result = scale_image($orig_fname, $fname, $width, $height);
       
   277         if ( !$result )
       
   278           $fname = $orig_fname;
       
   279       }
       
   280       else
       
   281       {
       
   282         $fname = $orig_fname;
       
   283       }
       
   284     }
       
   285   }
       
   286   $handle = @fopen($fname, 'r');
       
   287   if ( !$handle )
       
   288     die('Can\'t open output file for reading');
       
   289   
       
   290   $len = filesize($fname);
   272   header('Content-type: '.$row['mimetype']);
   291   header('Content-type: '.$row['mimetype']);
   273   if(isset($_GET['download'])) header('Content-disposition: attachment, filename="'.$filename.'";');
   292   if ( isset($_GET['download']) )
       
   293   {
       
   294     header('Content-disposition: attachment, filename="' . $filename . '";');
       
   295   }
   274   header('Content-length: '.$len);
   296   header('Content-length: '.$len);
   275   header('Last-Modified: '.date('r', $row['time_id']));
   297   header('Last-Modified: '.date('r', $row['time_id']));
   276   echo($data);
   298   
       
   299   // using this method limits RAM consumption
       
   300   while ( !feof($handle) )
       
   301   {
       
   302     echo fread($handle, 512000);
       
   303   }
       
   304   fclose($handle);
   277   
   305   
   278   gzip_output();
   306   gzip_output();
   279   
   307   
   280   exit;
   308   exit;
   281   
   309