function files() { $user = isset($_SESSION['user']) ? $_SESSION['user'] : null; $userid = isset($_SESSION['userid']) ? (int) $_SESSION['userid'] : 0; if (!$user || !$userid) { header('Location: /'); exit; } $op = isset($_GET['op']) ? $_GET['op'] : null; $path = isset($_GET['path']) ? $_GET['path'] : ''; $file = isset($_GET['file']) ? $_GET['file'] : ''; $files = _UPLOAD . "{$path}/{$file}"; if (!$path || !$file || !file_exists($files)) { exit('File is not exists.'); } $fuser = explode("_", $file); $fuser = isset($fuser[0]) ? $fuser[0] : 0; if ($user != $fuser) { exit('Not enough access permissions.'); } switch ($op) { case 'delete': break; default: header("Content-Type:text/html;charset=utf-8"); header("Content-type: image/jpeg"); $width = isset($_GET['width']) ? (int) $_GET['width'] : 0; $height = isset($_GET['height']) ? (int) $_GET['height'] : 0; echo Func::resizeImage($files, $width, $height); } }