docs/mods/_standard/social/groups/get_sgroup_logo.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2009                                                                              */
   6 /* Inclusive Design Institute                                   */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13 // $Id: get_profile_img.php 6979 2007-06-20 17:35:02Z greg$
  14
  15 define('AT_INCLUDE_PATH', '../../../../include/');
  16 @ob_end_clean();
  17 header("Content-Encoding: none");
  18
  19 $_user_location = 'public';
  20
  21 require(AT_INCLUDE_PATH . 'vitals.inc.php');
  22 require(AT_INCLUDE_PATH . 'lib/mime.inc.php');
  23
  24 $id = intval($_GET['id']);
  25 $sql="SELECT logo from ".TABLE_PREFIX."social_groups WHERE id='$id'";
  26 $result = mysql_query($sql, $db);
  27
  28 list($filename) = mysql_fetch_array($result);
  29
  30 $file = AT_CONTENT_DIR .'social/'.$filename;
  31
  32 $extensions = array('gif', 'jpg', 'png');
  33 $pathinfo = pathinfo($file);
  34 $ext = strtolower($pathinfo['extension']);
  35 if ($ext == '') {
  36         $ext = 'application/octet-stream';
  37 } else {
  38         $ext = $mime[$ext][0];
  39 }
  40
  41 $real = realpath($file);
  42
  43 if (file_exists($real) && (substr($real, 0, strlen(AT_CONTENT_DIR)) == AT_CONTENT_DIR)) {
  44
  45         header('Content-Disposition: filename="'.$size.$id.'.'.$pathinfo['extension'].'"');
  46
  47         /**
  48          * although we can check if mod_xsendfile is installed in apache2
  49          * we can't actually check if it's enabled. also, we can't check if
  50          * it's enabled and installed in lighty, so instead we send the
  51          * header anyway, if it works then the line after it will not
  52          * execute. if it doesn't work, then the line after it will replace
  53          * it so that the full server path is not exposed.
  54          *
  55          * x-sendfile is supported in apache2 and lighttpd 1.5+ (previously
  56          * named x-send-file in lighttpd 1.4)
  57          */
  58         header('x-Sendfile: '.$real);
  59         header('x-Sendfile: ', TRUE); // if we get here then it didn't work
  60
  61         header('Content-Type: '.$ext);
  62
  63         @readfile($real);
  64         exit;
  65 } else {
  66         header('HTTP/1.1 404 Not Found', TRUE);
  67         exit;
  68 }
  69
  70 ?>