[geeklog-cvs] geeklog: Implemented Conditional GET (somewhat experimental)
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Fri Oct 3 05:34:48 EDT 2008
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/aeced27e1da9
changeset: 6409:aeced27e1da9
user: Dirk Haun <dirk at haun-online.de>
date: Fri Oct 03 11:34:33 2008 +0200
description:
Implemented Conditional GET (somewhat experimental)
diffstat:
1 file changed, 47 insertions(+), 19 deletions(-)
public_html/getimage.php | 66 ++++++++++++++++++++++++++++++++--------------
diffs (120 lines):
diff -r 12a47f2285a6 -r aeced27e1da9 public_html/getimage.php
--- a/public_html/getimage.php Fri Oct 03 10:48:53 2008 +0200
+++ b/public_html/getimage.php Fri Oct 03 11:34:33 2008 +0200
@@ -2,15 +2,16 @@
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
-// | Geeklog 1.4 |
+// | Geeklog 1.5 |
// +---------------------------------------------------------------------------+
// | getimage.php |
// | |
// | Shows images outside of the webtree |
// +---------------------------------------------------------------------------+
-// | Copyright (C) 2004-2006 by the following authors: |
+// | Copyright (C) 2004-2008 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
+// | Dirk Haun - dirk AT haun-online DOT de |
// +---------------------------------------------------------------------------+
// | |
// | This program is free software; you can redistribute it and/or |
@@ -36,12 +37,11 @@
* serve the images from outside of the webtree to a place that the webserver
* user can actually write too
*
-* @author Tony Bibbs <tony at tonybibbs.com>
+* @author Tony Bibbs <tony AT tonybibbs DOT com>
*
*/
require_once 'lib-common.php';
-
require_once $_CONF['path_system'] . 'classes/downloader.class.php';
$downloader = new downloader();
@@ -50,21 +50,18 @@
$downloader->setLogging(true);
-$downloader->setAllowedExtensions(array('gif' => 'image/gif',
- 'jpg' => 'image/jpeg',
+$downloader->setAllowedExtensions(array('gif' => 'image/gif',
+ 'jpg' => 'image/jpeg',
'jpeg' => 'image/jpeg',
- 'png' => 'image/x-png',
+ 'png' => 'image/png',
+ 'png' => 'image/x-png'
)
);
-$mode = '';
-if (isset($_GET['mode'])) {
- $mode = $_GET['mode'];
-}
-$image = '';
-if (isset($_GET['image'])) {
- $image = COM_applyFilter ($_GET['image']);
-}
+COM_setArgNames(array('mode', 'image'));
+$mode = COM_applyFilter(COM_getArgument('mode'));
+$image = COM_applyFilter(COM_getArgument('image'));
+
if (strstr($image, '..')) {
// Can you believe this, some jackass tried to relative pathing to access
// files they shouldn't have access to?
@@ -90,7 +87,36 @@
}
// Let's see if we don't have a legit file. If not bail
-if (is_file($downloader->getPath() . $image)) {
+$pathToImage = $downloader->getPath() . $image;
+if (is_file($pathToImage)) {
+
+ // support conditional GET, if possible
+ $st = @stat($pathToImage);
+ if (is_array($st)) {
+ // cf. RFC 2616, Section 3.3.1 Full Date
+ $last_mod = str_replace('+0000', 'GMT', gmdate('r', $st['mtime']));
+ $etag = '"' . md5($image) . '"';
+
+ $mod_since = '';
+ $none_match = '';
+ if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
+ $mod_since = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
+ }
+ if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
+ $none_match = $_SERVER['HTTP_IF_NONE_MATCH'];
+ }
+
+ if (($last_mod == $mod_since) && ($etag == $none_match)) {
+ // image hasn't change - we're done
+ header('HTTP/1.1 304 Not Modified');
+ header('Status: 304 Not Modified');
+ exit;
+ }
+
+ header('Last-Modified: ' . $last_mod);
+ header('ETag: ' . $etag);
+ }
+
if ($mode == 'show') {
echo '<html><body><img src="' . $_CONF['site_url'] . '/getimage.php?mode=articles&image=' . $image . '" alt=""' . XHTML . '></body></html>';
} else {
@@ -99,10 +125,12 @@
} else {
$display = COM_errorLog('File, ' . $image . ', was not found in getimage.php');
+ // send 404 in any case
+ header('HTTP/1.1 404 Not Found');
+ header('Status: 404 Not Found');
+
if ($mode == 'show') {
- echo COM_siteHeader ('menu') . $display . COM_siteFooter ();
- } else {
- header ('HTTP/1.0 404 Not Found');
+ echo COM_siteHeader('menu') . $display . COM_siteFooter();
}
}
More information about the geeklog-cvs
mailing list