function get_attachment() { Auth::checkLoggedIn(); $entry = Entry::fromId(Input::get('entryid')); $attachment = Attachment::fromId(Input::get('attachmentid')); // Make sure this user can view the entry if (!$entry->canView(Auth::getUser())) { throw new Exception('You cannot view this entry.'); } // Make sure the attachment belongs to the entry $attachments = $entry->getAttachments(); $found = false; foreach ($attachments as $curAttachment) { if ($curAttachment->getAttachmentId() == $attachment->getAttachmentId()) { $found = true; break; } } if (!$found) { throw new Exception('The requested attachment does not belong to the entry given.'); } // Render the attachment if ($attachment->getAttachmentType() == Attachment::ATTACHMENT_TYPE_IMAGE) { View::renderImage(Attachment::getStoragePath($attachment->getAttachmentId())); } else { View::renderFile(Attachment::getStoragePath($attachment->getAttachmentId()), $attachment->getName()); } }
function get_avatar() { // Get the user $user = User::fromId(Input::get('userid')); // Make sure the user has an avatar if (empty($user->getAvatarAttachmentId())) { throw new Exception('This user does not have an avatar.'); } // Render the attachment View::renderImage(Attachment::getStoragePath($user->getAvatarAttachmentId())); }