Ejemplo n.º 1
0
function fix_private_photos($s, $uid, $item = null, $cid = 0)
{
    $a = get_app();
    logger('fix_private_photos', LOGGER_DEBUG);
    $site = substr($a->get_baseurl(), strpos($a->get_baseurl(), '://'));
    if (preg_match("/\\[img(.*?)\\](.*?)\\[\\/img\\]/is", $s, $matches)) {
        $image = $matches[2];
        logger('fix_private_photos: found photo ' . $image, LOGGER_DEBUG);
        if (stristr($image, $site . '/photo/')) {
            $replace = false;
            $i = basename($image);
            $i = str_replace('.jpg', '', $i);
            $x = strpos($i, '-');
            if ($x) {
                $res = substr($i, $x + 1);
                $i = substr($i, 0, $x);
                $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d AND `uid` = %d", dbesc($i), intval($res), intval($uid));
                if (count($r)) {
                    // Check to see if we should replace this photo link with an embedded image
                    // 1. No need to do so if the photo is public
                    // 2. If there's a contact-id provided, see if they're in the access list
                    //    for the photo. If so, embed it.
                    // 3. Otherwise, if we have an item, see if the item permissions match the photo
                    //    permissions, regardless of order but first check to see if they're an exact
                    //    match to save some processing overhead.
                    // Currently we only embed one private photo per message so as not to hit import
                    // size limits at the receiving end.
                    // To embed multiples, we would need to parse out the embedded photos on message
                    // receipt and limit size based only on the text component. Would also need to
                    // ignore all photos during bbcode translation and item localisation, as these
                    // will hit internal regex backtrace limits.
                    if (has_permissions($r[0])) {
                        if ($cid) {
                            $recips = enumerate_permissions($r[0]);
                            if (in_array($cid, $recips)) {
                                $replace = true;
                            }
                        } elseif ($item) {
                            if (compare_permissions($item, $r[0])) {
                                $replace = true;
                            }
                        }
                    }
                    if ($replace) {
                        logger('fix_private_photos: replacing photo', LOGGER_DEBUG);
                        $s = str_replace($image, 'data:image/jpg;base64,' . base64_encode($r[0]['data']), $s);
                        logger('fix_private_photos: replaced: ' . $s, LOGGER_DATA);
                    }
                }
            }
        }
    }
    return $s;
}
Ejemplo n.º 2
0
function fix_private_photos($s, $uid, $item = null, $cid = 0)
{
    $a = get_app();
    logger('fix_private_photos', LOGGER_DEBUG);
    $site = substr($a->get_baseurl(), strpos($a->get_baseurl(), '://'));
    $orig_body = $s;
    $new_body = '';
    $img_start = strpos($orig_body, '[zmg');
    $img_st_close = $img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false;
    $img_len = $img_start !== false ? strpos(substr($orig_body, $img_start + $img_st_close + 1), '[/zmg]') : false;
    while ($img_st_close !== false && $img_len !== false) {
        $img_st_close++;
        // make it point to AFTER the closing bracket
        $image = substr($orig_body, $img_start + $img_st_close, $img_len);
        logger('fix_private_photos: found photo ' . $image, LOGGER_DEBUG);
        if (stristr($image, $site . '/photo/')) {
            // Only embed locally hosted photos
            $replace = false;
            $i = basename($image);
            $x = strpos($i, '-');
            if ($x) {
                $res = substr($i, $x + 1);
                $i = substr($i, 0, $x);
                $r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `scale` = %d AND `uid` = %d", dbesc($i), intval($res), intval($uid));
                if (count($r)) {
                    // Check to see if we should replace this photo link with an embedded image
                    // 1. No need to do so if the photo is public
                    // 2. If there's a contact-id provided, see if they're in the access list
                    //    for the photo. If so, embed it.
                    // 3. Otherwise, if we have an item, see if the item permissions match the photo
                    //    permissions, regardless of order but first check to see if they're an exact
                    //    match to save some processing overhead.
                    if (has_permissions($r[0])) {
                        if ($cid) {
                            $recips = enumerate_permissions($r[0]);
                            if (in_array($cid, $recips)) {
                                $replace = true;
                            }
                        } elseif ($item) {
                            if (compare_permissions($item, $r[0])) {
                                $replace = true;
                            }
                        }
                    }
                    if ($replace) {
                        $data = $r[0]['data'];
                        $type = $r[0]['type'];
                        // If a custom width and height were specified, apply before embedding
                        if (preg_match("/\\[zmg\\=([0-9]*)x([0-9]*)\\]/is", substr($orig_body, $img_start, $img_st_close), $match)) {
                            logger('fix_private_photos: scaling photo', LOGGER_DEBUG);
                            $width = intval($match[1]);
                            $height = intval($match[2]);
                            $ph = photo_factory($data, $type);
                            if ($ph->is_valid()) {
                                $ph->scaleImage(max($width, $height));
                                $data = $ph->imageString();
                                $type = $ph->getType();
                            }
                        }
                        logger('fix_private_photos: replacing photo', LOGGER_DEBUG);
                        $image = 'data:' . $type . ';base64,' . base64_encode($data);
                        logger('fix_private_photos: replaced: ' . $image, LOGGER_DATA);
                    }
                }
            }
        }
        $new_body = $new_body . substr($orig_body, 0, $img_start + $img_st_close) . $image . '[/zmg]';
        $orig_body = substr($orig_body, $img_start + $img_st_close + $img_len + strlen('[/zmg]'));
        if ($orig_body === false) {
            $orig_body = '';
        }
        $img_start = strpos($orig_body, '[zmg');
        $img_st_close = $img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false;
        $img_len = $img_start !== false ? strpos(substr($orig_body, $img_start + $img_st_close + 1), '[/zmg]') : false;
    }
    $new_body = $new_body . $orig_body;
    return $new_body;
}
Ejemplo n.º 3
0
  <link rel="stylesheet" type="text/css" href="../css/body.css" />

  <style>
  body {font-size:80%; margin:5px;}
  h1 {font-size:140%}
  table {margin-left:40px; border-collapse:collapse}
  td {border:1px solid #C0C0C0; padding:2px}
  .grey {background-color:#EAEAEA; font-weight:bold}
  .nonexist {background-color:#FFC0C0}
  .dkred {background-color:#C00000; color:white; font-weight:bold}
  .err {color:red; font-weight:bold}
  </style>
</head>

<body>
<?php 
if (isset($_POST['submit'])) {
    make_db_connections();
    $users = array('_auth', '_stu', '_staff', '_ext', '_sys', '_sct', '_inv');
    foreach ($users as $user) {
        echo "<h1>" . $_POST['master_dbname'] . $user . "</h1>\n";
        compare_permissions($_POST['master_dbname'], $_POST['test_dbname'], $master_mysqli, $test_mysqli, $user, $_POST['webhost']);
    }
} else {
    echo display_form();
}
?>
</body>
</html>