--- a/plugins/SpecialUpdownload.php Sun Mar 28 21:49:26 2010 -0400
+++ b/plugins/SpecialUpdownload.php Sun Mar 28 23:10:46 2010 -0400
@@ -1,12 +1,12 @@
<?php
/**!info**
{
- "Plugin Name" : "plugin_specialupdownload_title",
- "Plugin URI" : "http://enanocms.org/",
- "Description" : "plugin_specialupdownload_desc",
- "Author" : "Dan Fuhry",
- "Version" : "1.1.6",
- "Author URI" : "http://enanocms.org/"
+ "Plugin Name" : "plugin_specialupdownload_title",
+ "Plugin URI" : "http://enanocms.org/",
+ "Description" : "plugin_specialupdownload_desc",
+ "Author" : "Dan Fuhry",
+ "Version" : "1.1.6",
+ "Author URI" : "http://enanocms.org/"
}
**!*/
@@ -28,295 +28,295 @@
function SpecialUpDownload_paths_init()
{
- register_special_page('UploadFile', 'specialpage_upload_file');
- register_special_page('DownloadFile', 'specialpage_download_file');
+ register_special_page('UploadFile', 'specialpage_upload_file');
+ register_special_page('DownloadFile', 'specialpage_download_file');
}
-
+
function page_Special_UploadFile()
{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $lang;
- global $cache;
- global $mime_types;
- if(getConfig('enable_uploads')!='1') { die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_site') . '</p>'); }
- if ( !$session->get_permissions('upload_files') )
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_acl') . '</p>');
- }
- if(isset($_POST['doit']))
- {
- if(isset($_FILES['data']))
- {
- $file =& $_FILES['data'];
- }
- else
- {
- $file = false;
- }
- if ( !is_array($file) )
- {
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_cant_get_file_meta') . '</p>');
- }
- if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size', '256000') )
- {
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_too_big_or_small') . '</p>');
- }
-
- $types = fetch_allowed_extensions();
- $ext = strtolower(substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name'])));
- if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) )
- {
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_ext', array('ext' => htmlspecialchars($ext))) . '</p>');
- }
- $type = $mime_types[$ext];
- //$type = explode(';', $type); $type = $type[0];
- //if(!in_array($type, $allowed_mime_types)) die_friendly('Upload failed', '<p>The file type "'.$type.'" is not allowed.</p>');
- if($_POST['rename'] != '')
- {
- $filename = $_POST['rename'];
- }
- else
- {
- $filename = $file['name'];
- }
- $bad_chars = Array(':', '\\', '/', '<', '>', '|', '*', '?', '"', '#', '+');
- foreach($bad_chars as $ch)
- {
- if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename))
- {
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_chars') . '</p>');
- }
- }
-
- $ns = namespace_factory($filename, 'File');
- $cdata = $ns->get_cdata();
- $is_protected = $cdata['really_protected'];
-
- if ( isPage($paths->get_pathskey($filename, 'File')) && !isset ( $_POST['update'] ) )
- {
- $upload_link = makeUrlNS('Special', 'UploadFile/'.$filename);
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_already_exists', array('upload_link' => $upload_link)) . '</p>');
- }
- else if ( isset($_POST['update']) && $is_protected )
- {
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_replace_protected') . '</p>');
- }
-
- $utime = time();
-
- $filename = $db->escape(sanitize_page_id($filename));
- $ext = substr($filename, strrpos($filename, '.'), strlen($filename));
- $flen = filesize($file['tmp_name']);
-
- $perms = $session->fetch_page_acl($filename, 'File');
- $comments = ( isset($_POST['update']) ) ? $db->escape($_POST['comments']) : $db->escape(RenderMan::preprocess_text($_POST['comments'], false, false, true, $perms));
- $chartag = sha1(microtime());
- $urln = str_replace(' ', '_', $filename);
-
- $key = md5($filename . '_' . ( function_exists('md5_file') ? md5_file($file['tmp_name']) : file_get_contents($file['tmp_name'])));
- $targetname = ENANO_ROOT . '/files/' . $key . $ext;
-
- if(!@move_uploaded_file($file['tmp_name'], $targetname))
- {
- die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_move_failed') . '</p>');
- }
-
- if(getConfig('file_history') != '1')
- {
- if(!$db->sql_query('DELETE FROM '.table_prefix.'files WHERE filename=\''.$filename.'\' LIMIT 1;')) $db->_die('The old file data could not be deleted.');
- }
- if(!$db->sql_query('INSERT INTO '.table_prefix.'files(time_id,page_id,filename,size,mimetype,file_extension,file_key) VALUES('.$utime.', \''.$urln.'\', \''.$filename.'\', '.$flen.', \''.$type.'\', \''.$ext.'\', \''.$key.'\')')) $db->_die('The file data entry could not be inserted.');
- if(!isset($_POST['update']))
- {
- if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,author_uid,page_id,namespace) VALUES('.$utime.', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'create\', \''.$session->username.'\',' . $session->user_id . ', \''.$filename.'\', \''.'File'.'\');')) $db->_die('The page log could not be updated.');
- if(!$db->sql_query('INSERT INTO '.table_prefix.'pages(name,urlname,namespace,protected,delvotes,delvote_ips) VALUES(\''.$filename.'\', \''.$urln.'\', \'File\', 0, 0, \'\')')) $db->_die('The page listing entry could not be inserted.');
- if(!$db->sql_query('INSERT INTO '.table_prefix.'page_text(page_id,namespace,page_text,char_tag) VALUES(\''.$urln.'\', \'File\', \''.$comments.'\', \''.$chartag.'\')')) $db->_die('The page text entry could not be inserted.');
- }
- else
- {
- if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,author_uid,page_id,namespace,edit_summary) VALUES('.$utime.', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'reupload\', \''.$session->username.'\',' . $session->user_id . ', \''.$filename.'\', \''.'File'.'\', \''.$comments.'\');')) $db->_die('The page log could not be updated.');
- }
- $cache->purge('page_meta');
- die_friendly($lang->get('upload_success_title'), '<p>' . $lang->get('upload_success_body', array('file_link' => makeUrlNS('File', $filename))) . '</p>');
- }
- else
- {
- $template->header();
- $fn = $paths->getParam(0);
- if ( $fn && !$session->get_permissions('upload_new_version') )
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_replace_denied') . '<p>');
- }
- ?>
- <p><?php echo $lang->get('upload_intro'); ?></p>
- <p><?php
- // Get the max file size, and format it in a way that is user-friendly
-
- $fs = getConfig('max_file_size', '256000');
- $fs = (int)$fs;
- if($fs >= 1048576)
- {
- $fs = round($fs / 1048576, 1);
- $unitized = $fs . ' ' . $lang->get('etc_unit_megabytes_short');
- }
- elseif($fs >= 1024)
- {
- $fs = round($fs / 1024, 1);
- $unitized = $fs . ' ' . $lang->get('etc_unit_kilobytes_short');
- }
-
- echo $lang->get('upload_max_filesize', array(
- 'size' => $unitized
- ));
- ?></p>
- <form action="<?php echo makeUrl($paths->page); ?>" method="post" enctype="multipart/form-data">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr><td><?php echo $lang->get('upload_field_file'); ?></td><td><input name="data" type="file" size="40" /></td></tr>
- <tr><td><?php echo $lang->get('upload_field_renameto'); ?></td><td><input name="rename" type="text" size="40"<?php if($fn) echo ' value="'.$fn.'" readonly="readonly"'; ?> /></td></tr>
- <?php
- if(!$fn) echo '<tr><td>' . $lang->get('upload_field_comments') . '</td><td><textarea name="comments" rows="20" cols="60"></textarea></td></tr>';
- else echo '<tr><td>' . $lang->get('upload_field_reason') . '</td><td><input name="comments" size="50" /></td></tr>';
- ?>
- <tr><td colspan="2" style="text-align: center">
- <?php
- if($fn)
- echo '<input type="hidden" name="update" value="true" />';
- ?>
- <input type="submit" name="doit" value="<?php echo $lang->get('upload_btn_upload'); ?>" />
- </td></tr>
- </table>
- </form>
- <?php
- $template->footer();
- }
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang;
+ global $cache;
+ global $mime_types;
+ if(getConfig('enable_uploads')!='1') { die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_site') . '</p>'); }
+ if ( !$session->get_permissions('upload_files') )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_acl') . '</p>');
+ }
+ if(isset($_POST['doit']))
+ {
+ if(isset($_FILES['data']))
+ {
+ $file =& $_FILES['data'];
+ }
+ else
+ {
+ $file = false;
+ }
+ if ( !is_array($file) )
+ {
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_cant_get_file_meta') . '</p>');
+ }
+ if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size', '256000') )
+ {
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_too_big_or_small') . '</p>');
+ }
+
+ $types = fetch_allowed_extensions();
+ $ext = strtolower(substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name'])));
+ if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) )
+ {
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_ext', array('ext' => htmlspecialchars($ext))) . '</p>');
+ }
+ $type = $mime_types[$ext];
+ //$type = explode(';', $type); $type = $type[0];
+ //if(!in_array($type, $allowed_mime_types)) die_friendly('Upload failed', '<p>The file type "'.$type.'" is not allowed.</p>');
+ if($_POST['rename'] != '')
+ {
+ $filename = $_POST['rename'];
+ }
+ else
+ {
+ $filename = $file['name'];
+ }
+ $bad_chars = Array(':', '\\', '/', '<', '>', '|', '*', '?', '"', '#', '+');
+ foreach($bad_chars as $ch)
+ {
+ if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename))
+ {
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_chars') . '</p>');
+ }
+ }
+
+ $ns = namespace_factory($filename, 'File');
+ $cdata = $ns->get_cdata();
+ $is_protected = $cdata['really_protected'];
+
+ if ( isPage($paths->get_pathskey($filename, 'File')) && !isset ( $_POST['update'] ) )
+ {
+ $upload_link = makeUrlNS('Special', 'UploadFile/'.$filename);
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_already_exists', array('upload_link' => $upload_link)) . '</p>');
+ }
+ else if ( isset($_POST['update']) && $is_protected )
+ {
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_replace_protected') . '</p>');
+ }
+
+ $utime = time();
+
+ $filename = $db->escape(sanitize_page_id($filename));
+ $ext = substr($filename, strrpos($filename, '.'), strlen($filename));
+ $flen = filesize($file['tmp_name']);
+
+ $perms = $session->fetch_page_acl($filename, 'File');
+ $comments = ( isset($_POST['update']) ) ? $db->escape($_POST['comments']) : $db->escape(RenderMan::preprocess_text($_POST['comments'], false, false, true, $perms));
+ $chartag = sha1(microtime());
+ $urln = str_replace(' ', '_', $filename);
+
+ $key = md5($filename . '_' . ( function_exists('md5_file') ? md5_file($file['tmp_name']) : file_get_contents($file['tmp_name'])));
+ $targetname = ENANO_ROOT . '/files/' . $key . $ext;
+
+ if(!@move_uploaded_file($file['tmp_name'], $targetname))
+ {
+ die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_move_failed') . '</p>');
+ }
+
+ if(getConfig('file_history') != '1')
+ {
+ if(!$db->sql_query('DELETE FROM '.table_prefix.'files WHERE filename=\''.$filename.'\' LIMIT 1;')) $db->_die('The old file data could not be deleted.');
+ }
+ if(!$db->sql_query('INSERT INTO '.table_prefix.'files(time_id,page_id,filename,size,mimetype,file_extension,file_key) VALUES('.$utime.', \''.$urln.'\', \''.$filename.'\', '.$flen.', \''.$type.'\', \''.$ext.'\', \''.$key.'\')')) $db->_die('The file data entry could not be inserted.');
+ if(!isset($_POST['update']))
+ {
+ if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,author_uid,page_id,namespace) VALUES('.$utime.', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'create\', \''.$session->username.'\',' . $session->user_id . ', \''.$filename.'\', \''.'File'.'\');')) $db->_die('The page log could not be updated.');
+ if(!$db->sql_query('INSERT INTO '.table_prefix.'pages(name,urlname,namespace,protected,delvotes,delvote_ips) VALUES(\''.$filename.'\', \''.$urln.'\', \'File\', 0, 0, \'\')')) $db->_die('The page listing entry could not be inserted.');
+ if(!$db->sql_query('INSERT INTO '.table_prefix.'page_text(page_id,namespace,page_text,char_tag) VALUES(\''.$urln.'\', \'File\', \''.$comments.'\', \''.$chartag.'\')')) $db->_die('The page text entry could not be inserted.');
+ }
+ else
+ {
+ if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,author_uid,page_id,namespace,edit_summary) VALUES('.$utime.', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'reupload\', \''.$session->username.'\',' . $session->user_id . ', \''.$filename.'\', \''.'File'.'\', \''.$comments.'\');')) $db->_die('The page log could not be updated.');
+ }
+ $cache->purge('page_meta');
+ die_friendly($lang->get('upload_success_title'), '<p>' . $lang->get('upload_success_body', array('file_link' => makeUrlNS('File', $filename))) . '</p>');
+ }
+ else
+ {
+ $template->header();
+ $fn = $paths->getParam(0);
+ if ( $fn && !$session->get_permissions('upload_new_version') )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_replace_denied') . '<p>');
+ }
+ ?>
+ <p><?php echo $lang->get('upload_intro'); ?></p>
+ <p><?php
+ // Get the max file size, and format it in a way that is user-friendly
+
+ $fs = getConfig('max_file_size', '256000');
+ $fs = (int)$fs;
+ if($fs >= 1048576)
+ {
+ $fs = round($fs / 1048576, 1);
+ $unitized = $fs . ' ' . $lang->get('etc_unit_megabytes_short');
+ }
+ elseif($fs >= 1024)
+ {
+ $fs = round($fs / 1024, 1);
+ $unitized = $fs . ' ' . $lang->get('etc_unit_kilobytes_short');
+ }
+
+ echo $lang->get('upload_max_filesize', array(
+ 'size' => $unitized
+ ));
+ ?></p>
+ <form action="<?php echo makeUrl($paths->page); ?>" method="post" enctype="multipart/form-data">
+ <table border="0" cellspacing="1" cellpadding="4">
+ <tr><td><?php echo $lang->get('upload_field_file'); ?></td><td><input name="data" type="file" size="40" /></td></tr>
+ <tr><td><?php echo $lang->get('upload_field_renameto'); ?></td><td><input name="rename" type="text" size="40"<?php if($fn) echo ' value="'.$fn.'" readonly="readonly"'; ?> /></td></tr>
+ <?php
+ if(!$fn) echo '<tr><td>' . $lang->get('upload_field_comments') . '</td><td><textarea name="comments" rows="20" cols="60"></textarea></td></tr>';
+ else echo '<tr><td>' . $lang->get('upload_field_reason') . '</td><td><input name="comments" size="50" /></td></tr>';
+ ?>
+ <tr><td colspan="2" style="text-align: center">
+ <?php
+ if($fn)
+ echo '<input type="hidden" name="update" value="true" />';
+ ?>
+ <input type="submit" name="doit" value="<?php echo $lang->get('upload_btn_upload'); ?>" />
+ </td></tr>
+ </table>
+ </form>
+ <?php
+ $template->footer();
+ }
}
function page_Special_DownloadFile()
{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $lang;
- global $do_gzip;
- $filename = $paths->getParam(0);
- $timeid = $paths->getParam(1);
- if ( $timeid && ctype_digit((string)$timeid) )
- {
- $tid = ' AND time_id='.$timeid;
- }
- else
- {
- $tid = '';
- }
- $filename = $db->escape(sanitize_page_id($filename));
-
- $q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
- if ( !$q )
- {
- $db->_die('The file data could not be selected.');
- }
- if ( $db->numrows() < 1 )
- {
- header('HTTP/1.1 404 Not Found');
- die_friendly($lang->get('upload_err_not_found_title'), '<p>' . $lang->get('upload_err_not_found_body', array('filename' => htmlspecialchars($filename))) . '</p>');
- }
- $row = $db->fetchrow();
- $db->free_result();
-
- // Check permissions
- $perms = $session->fetch_page_acl($row['page_id'], 'File');
- if ( !$perms->get_permissions('read') )
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
- }
-
- $fname = ENANO_ROOT . '/files/' . $row['file_key'] . $row['file_extension'];
- if ( !file_exists($fname) )
- {
- $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];
- }
- if ( !file_exists($fname) )
- {
- die("Uploaded file $fname not found.");
- }
-
- if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' )
- {
- // Determine appropriate width and height
- $width = ( isset($_GET['width']) ) ? intval($_GET['width'] ) : 320;
- $height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
-
- // 1.1.7: allow different format output
- $extension = $row['file_extension'];
- if ( isset($_GET['fmt']) && in_array($_GET['fmt'], array('png', 'jpg')) )
- $extension = ".{$_GET['fmt']}";
-
- $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}$extension";
- if ( file_exists($cache_filename) )
- {
- $fname = $cache_filename;
- }
- else
- {
- $allow_scale = false;
- $orig_fname = $fname;
- // is caching enabled?
- if ( getConfig('cache_thumbs') == '1' )
- {
- $fname = $cache_filename;
- if ( is_writeable(dirname($fname)) )
- {
- $allow_scale = true;
- }
- }
- else
- {
- // Get a temporary file
- // In this case, the file will not be cached and will be scaled each time it's requested
- $temp_dir = sys_get_temp_dir();
- // if tempnam() cannot use the specified directory name, it will fall back on the system default
- $tempname = tempnam($temp_dir, $filename);
- if ( $tempname && is_writeable($tempname) )
- {
- $allow_scale = true;
- }
- }
- if ( $allow_scale )
- {
- $result = scale_image($orig_fname, $fname, $width, $height);
- if ( !$result )
- $fname = $orig_fname;
- }
- else
- {
- $fname = $orig_fname;
- }
- }
- }
- $handle = @fopen($fname, 'r');
- if ( !$handle )
- die('Can\'t open output file for reading');
-
- $len = filesize($fname);
- header('Content-type: '.$row['mimetype']);
- if ( isset($_GET['download']) )
- {
- header('Content-disposition: attachment, filename="' . $filename . '";');
- }
- if ( !@$GLOBALS['do_gzip'] )
- header('Content-length: ' . $len);
-
- header('Last-Modified: '.enano_date('r', $row['time_id']));
-
- // using this method limits RAM consumption
- while ( !feof($handle) )
- {
- echo fread($handle, 512000);
- }
- fclose($handle);
-
- gzip_output();
-
- exit;
-
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang;
+ global $do_gzip;
+ $filename = $paths->getParam(0);
+ $timeid = $paths->getParam(1);
+ if ( $timeid && ctype_digit((string)$timeid) )
+ {
+ $tid = ' AND time_id='.$timeid;
+ }
+ else
+ {
+ $tid = '';
+ }
+ $filename = $db->escape(sanitize_page_id($filename));
+
+ $q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
+ if ( !$q )
+ {
+ $db->_die('The file data could not be selected.');
+ }
+ if ( $db->numrows() < 1 )
+ {
+ header('HTTP/1.1 404 Not Found');
+ die_friendly($lang->get('upload_err_not_found_title'), '<p>' . $lang->get('upload_err_not_found_body', array('filename' => htmlspecialchars($filename))) . '</p>');
+ }
+ $row = $db->fetchrow();
+ $db->free_result();
+
+ // Check permissions
+ $perms = $session->fetch_page_acl($row['page_id'], 'File');
+ if ( !$perms->get_permissions('read') )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
+ }
+
+ $fname = ENANO_ROOT . '/files/' . $row['file_key'] . $row['file_extension'];
+ if ( !file_exists($fname) )
+ {
+ $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];
+ }
+ if ( !file_exists($fname) )
+ {
+ die("Uploaded file $fname not found.");
+ }
+
+ if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' )
+ {
+ // Determine appropriate width and height
+ $width = ( isset($_GET['width']) ) ? intval($_GET['width'] ) : 320;
+ $height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
+
+ // 1.1.7: allow different format output
+ $extension = $row['file_extension'];
+ if ( isset($_GET['fmt']) && in_array($_GET['fmt'], array('png', 'jpg')) )
+ $extension = ".{$_GET['fmt']}";
+
+ $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}$extension";
+ if ( file_exists($cache_filename) )
+ {
+ $fname = $cache_filename;
+ }
+ else
+ {
+ $allow_scale = false;
+ $orig_fname = $fname;
+ // is caching enabled?
+ if ( getConfig('cache_thumbs') == '1' )
+ {
+ $fname = $cache_filename;
+ if ( is_writeable(dirname($fname)) )
+ {
+ $allow_scale = true;
+ }
+ }
+ else
+ {
+ // Get a temporary file
+ // In this case, the file will not be cached and will be scaled each time it's requested
+ $temp_dir = sys_get_temp_dir();
+ // if tempnam() cannot use the specified directory name, it will fall back on the system default
+ $tempname = tempnam($temp_dir, $filename);
+ if ( $tempname && is_writeable($tempname) )
+ {
+ $allow_scale = true;
+ }
+ }
+ if ( $allow_scale )
+ {
+ $result = scale_image($orig_fname, $fname, $width, $height);
+ if ( !$result )
+ $fname = $orig_fname;
+ }
+ else
+ {
+ $fname = $orig_fname;
+ }
+ }
+ }
+ $handle = @fopen($fname, 'r');
+ if ( !$handle )
+ die('Can\'t open output file for reading');
+
+ $len = filesize($fname);
+ header('Content-type: '.$row['mimetype']);
+ if ( isset($_GET['download']) )
+ {
+ header('Content-disposition: attachment, filename="' . $filename . '";');
+ }
+ if ( !@$GLOBALS['do_gzip'] )
+ header('Content-length: ' . $len);
+
+ header('Last-Modified: '.enano_date('r', $row['time_id']));
+
+ // using this method limits RAM consumption
+ while ( !feof($handle) )
+ {
+ echo fread($handle, 512000);
+ }
+ fclose($handle);
+
+ gzip_output();
+
+ exit;
+
}
?>
\ No newline at end of file