thumbnail.php 1.71 KB
edit raw blame history



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60


<?php
/**
 * Copyright (c) 2012 Robin Appelman <icewind@owncloud.com>
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */

OCP\JSON::checkAppEnabled('gallery');

list($token, $img) = explode('/', $_GET['file'], 2);
$linkItem = \OCP\Share::getShareByToken($token);
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
	// seems to be a valid share
	$rootLinkItem = \OCP\Share::resolveReShare($linkItem);
	$owner = $rootLinkItem['uid_owner'];
	OCP\JSON::checkUserExists($owner);
	OC_Util::tearDownFS();
	OC_Util::setupFS($owner);
	\OC_User::setIncognitoMode(true);
} else {
	OCP\JSON::checkLoggedIn();

	list($owner, $img) = explode('/', $_GET['file'], 2);
	if ($owner !== OCP\User::getUser()) {
		OCP\JSON::checkUserExists($owner);
		OC_Util::tearDownFS();
		OC_Util::setupFS($owner);
		$view = new \OC\Files\View('/' . $owner . '/files');
		// second part is the (duplicated) share name
		list($folderId, , $img) = explode('/', $img, 3);
		$shareInfo = \OCP\Share::getItemSharedWithBySource('file', $folderId);
		if ($shareInfo) {
			$sharedFolder = $view->getPath($folderId);
			if ($sharedFolder) {
				$img = $sharedFolder . '/' . $img;
			} else {
				\OC_Response::setStatus(404);
				exit;
			}
		} else {
			\OC_Response::setStatus(403);
			exit;
		}
	}
}

session_write_close();

if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
	// prepend path to share
	$ownerView = new \OC\Files\View('/' . $owner . '/files');
	$path = $ownerView->getPath($linkItem['file_source']);
	$img = $path . '/' . $img;
}

$square = isset($_GET['square']) ? (bool)$_GET['square'] : false;

$image = new \OCA\Gallery\Thumbnail('/' . $img, $owner, $square);
$image->show();