if (isset($_GET[$v])) {
$get_cleaned[$v] = $_GET[$v];
}
}
$plugin = validate_get(GET('p'), 'plugin');
$width = empty($_GET['x']) ? $CONFIG['width'] : $_GET['x'];
$heigth = empty($_GET['y']) ? $CONFIG['heigth'] : $_GET['y'];
$requesthash = sha1(serialize($get_cleaned));
$rediskey = "cache:grapher:graph:{$plugin}:{$width}x{$heigth}:{$requesthash}:{$tz}";
$cached = $redis->get($rediskey);
if ($cached) {
Header("Content-Type: image/png");
http_cache_etag();
http_send_data($cached);
exit;
}
if (validate_get(GET('h'), 'host') === NULL) {
error_log('CGP Error: plugin contains unknown characters');
error_image();
}
if (!file_exists($CONFIG['webdir'] . '/plugin/' . $plugin . '.php')) {
error_log(sprintf('CGP Error: plugin "%s" is not available', $plugin));
error_image();
}
ob_start();
# load plugin
include $CONFIG['webdir'] . '/plugin/' . $plugin . '.php';
$content = ob_get_clean();
$redis->setex($rediskey, 60, $content);
http_cache_etag();
http_send_data($content);
} else {
define('REAL_IMAGE_HEIGHT', IMAGE_HEIGHT * $scale);
define('REAL_IMAGE_WIDTH', IMAGE_WIDTH * $scale);
}
if (!isset($_GET['plugin'])) {
error_image('Error: No plugin provided');
}
// The plugin we are graphing
$pluginName = urldecode($_GET['plugin']);
// Load the json data from the api
// First, basic plugin data
$plugin = loadPlugin($pluginName);
// Is the plugin invalid?
if ($plugin == null) {
// no plugin found
error_image('Invalid plugin');
}
// case-correct plugin name
$pluginName = $plugin->getName();
// get the graph from cache
$cacheKey = 'signature-' . $scale . '-' . $pluginName;
$cacheFileLocation = '../cache/' . $cacheKey . '.png';
if (!file_exists($cacheFileLocation)) {
require ROOT . '../private_html/pChart/pData.class.php';
require ROOT . '../private_html/pChart/pChart.class.php';
require ROOT . '../private_html/pChart/pCache.class.php';
// Create a new data set
$dataSet = new pData();
// The servers plot
$serversX = array();
// The players plot
$media = new Upload($type, $id, $version);
/* The user requests to delete the image */
if (!empty($_REQUEST['op'])) {
if ($_REQUEST['op'] == 'delete') {
delete_image($media);
exit(0);
}
}
if (!$media->read()) {
not_found();
}
if (!$globals['media_public'] && $media->access == 'restricted' && !$current_user->user_id > 0) {
error_image(_('Debe estar autentificado'));
die;
} elseif ($globals['bot'] || $media->type == 'private' && ($current_user->user_id <= 0 || $media->user != $current_user->user_id && $media->to != $current_user->user_id)) {
error_image(_('No está autorizado'));
die;
}
header("Content-Type: {$media->mime}");
header('Last-Modified: ' . date('r', $media->date));
header('Cache-Control: max-age=3600');
if (!empty($media->mime)) {
$ext = explode("/", $media->mime);
$ext = $ext[count($ext) - 1];
}
header("Content-Disposition: filename=meneame-media-{$type}-{$id}." . $ext);
if ($media->file_exists() && !empty($globals['xsendfile'])) {
/* Be careful with privacy and rules in the server
* Good rule for nginx:
location ~ \.media$ {
internal;
/**
* Allows us to display a picture/image of a model. if it has one already
*
* @param Model $model
* @param bool $fromUrl
* @param string $image
* @param bool $mustExistOnServer
* @return string
*/
function display_img($model, $fromUrl = false, $image = 'image', $mustExistOnServer = true)
{
if (is_null($model)) {
// display from url
if (file_exists_on_server($fromUrl)) {
return asset($fromUrl);
}
return asset(error_image());
}
// if the image is not on our server, then we just skip the checks
if ($mustExistOnServer) {
if (file_exists_on_server($model->{$image})) {
return asset($model->{$image});
}
return asset(error_image());
}
if (!is_null(asset($model->{$image}))) {
return asset($model->{$image});
}
return asset(error_image());
}
