Diffstat (limited to 'mod/profile/icondirect.php')
-rw-r--r--mod/profile/icondirect.php136
1 files changed, 136 insertions, 0 deletions
diff --git a/mod/profile/icondirect.php b/mod/profile/icondirect.php
new file mode 100644
index 000000000..ec4227217
--- /dev/null
+++ b/mod/profile/icondirect.php
@@ -0,0 +1,136 @@
+<?php
+
+ /**
+ * Elgg profile icon
+ *
+ * @package ElggProfile
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Curverider Ltd <info@elgg.com>
+ * @copyright Curverider Ltd 2008-2010
+ * @link http://elgg.com/
+ */
+
+ // Get DB settings, connect
+ require_once(dirname(dirname(dirname(__FILE__))). '/engine/settings.php');
+
+ /**
+ * UTF safe str_split.
+ * This is only used here since we don't have access to the file store code.
+ * TODO: This is a horrible hack, so clean this up!
+ */
+ function __id_mb_str_split($string, $charset = 'UTF8')
+ {
+ if (is_callable('mb_substr'))
+ {
+ $length = mb_strlen($string);
+ $array = array();
+
+ while ($length)
+ {
+ $array[] = mb_substr($string, 0, 1, $charset);
+ $string = mb_substr($string, 1, $length, $charset);
+
+ $length = mb_strlen($string);
+ }
+
+ return $array;
+ }
+ else
+ return str_split($string);
+
+ return false;
+ }
+
+ global $CONFIG;
+
+ $contents = '';
+
+ if ($mysql_dblink = @mysql_connect($CONFIG->dbhost,$CONFIG->dbuser,$CONFIG->dbpass, true)) {
+
+
+ $username = $_GET['username'];
+ //$username = preg_replace('/[^A-Za-z0-9\_\-]/i','',$username);
+ $blacklist = '/[' .
+ '\x{0080}-\x{009f}' . # iso-8859-1 control chars
+ '\x{00a0}' . # non-breaking space
+ '\x{2000}-\x{200f}' . # various whitespace
+ '\x{2028}-\x{202f}' . # breaks and control chars
+ '\x{3000}' . # ideographic space
+ '\x{e000}-\x{f8ff}' . # private use
+ ']/u';
+ if (
+ preg_match($blacklist, $username) ||
+
+ (strpos($username, '/')!==false) ||
+ (strpos($username, '\\')!==false) ||
+ (strpos($username, '"')!==false) ||
+ (strpos($username, '\'')!==false) ||
+ (strpos($username, '*')!==false) ||
+ (strpos($username, '&')!==false) ||
+ (strpos($username, ' ')!==false)
+ ) exit;
+
+ $userarray = __id_mb_str_split($username);
+
+ $matrix = '';
+ $length = 5;
+ if (sizeof($userarray) < $length) $length = sizeof($userarray);
+ for ($n = 0; $n < $length; $n++) {
+ $matrix .= $userarray[$n] . "/";
+ }
+
+ // Get the size
+ $size = strtolower($_GET['size']);
+ if (!in_array($size,array('large','medium','small','tiny','master','topbar')))
+ $size = "medium";
+
+ // Try and get the icon
+ if (@mysql_select_db($CONFIG->dbname,$mysql_dblink)) {
+ // get dataroot and simplecache_enabled in one select for efficiency
+ if ($result = mysql_query("select name, value from {$CONFIG->dbprefix}datalists where name in ('dataroot','simplecache_enabled')",$mysql_dblink)) {
+ $simplecache_enabled = true;
+ $row = mysql_fetch_object($result);
+ while ($row) {
+ if ($row->name == 'dataroot') {
+ $dataroot = $row->value;
+ } else if ($row->name == 'simplecache_enabled') {
+ $simplecache_enabled = $row->value;
+ }
+ $row = mysql_fetch_object($result);
+ }
+ }
+ }
+ }
+ //@todo forcing through the framework to ensure the matrix
+ // is created the same way.
+ //if ($simplecache_enabled) {
+ if (false) {
+ $filename = $dataroot . $matrix . "{$username}/profile/" . $username . $size . ".jpg";
+ $contents = @file_get_contents($filename);
+ if (empty($contents)) {
+ global $viewinput;
+ $viewinput['view'] = 'icon/user/default/'.$size;
+ ob_start();
+ include(dirname(dirname(dirname(__FILE__))).'/simplecache/view.php');
+ $loc = ob_get_clean();
+ header('Location: ' . $loc);
+ exit;
+ //$contents = @file_get_contents(dirname(__FILE__) . "/graphics/default{$size}.jpg");
+ } else {
+ header("Content-type: image/jpeg");
+ header('Expires: ' . date('r',time() + 864000));
+ header("Pragma: public");
+ header("Cache-Control: public");
+ header("Content-Length: " . strlen($contents));
+ $splitString = str_split($contents, 1024);
+ foreach($splitString as $chunk)
+ echo $chunk;
+ }
+ } else {
+ mysql_close($mysql_dblink);
+ require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+ set_input('username',$username);
+ set_input('size',$size);
+ require_once(dirname(__FILE__).'/icon.php');
+ }
+?>
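Review bot: The username and size checks sit inside the `if ($mysql_dblink = @mysql_connect(...))` block, so when the connection fails the final `else` branch still runs with `$username` and `$size` undefined and calls `mysql_close()` on a false link. Reading and validating both `$_GET` values before the connect, and guarding the close with `if ($mysql_dblink) mysql_close($mysql_dblink);`, would keep the fallback path consistent. Both values are also read without an `isset`/`is_string` check, so a missing or array-valued `username` reaches `preg_match` and `strpos` with the wrong type. The denylist does not reject `.`, and the disabled `if (false)` block concatenates `$username` into a file path under `$dataroot`; before that block is re-enabled an allowlist on the username would be the safer check, since whether `icon.php` revalidates the value is not visible here.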