diff options
| author | Christopher Smith <chris@jalakai.co.uk> | 2013-03-20 00:06:07 +0000 |
|---|---|---|
| committer | Christopher Smith <chris@jalakai.co.uk> | 2013-03-22 00:36:52 +0000 |
| commit | 0f4e009215bfa3136d334fa557335266637a7585 (patch) | |
| tree | 6a713cf999d4797534e5954c31e8b46654cc2db5 /inc/common.php | |
| parent | 2ab296805f9b647d3fe46cad4a7f275c45f171a8 (diff) | |
| download | rpg-0f4e009215bfa3136d334fa557335266637a7585.tar.gz rpg-0f4e009215bfa3136d334fa557335266637a7585.tar.bz2 | |
add a token to fetch urls requiring image resize/crop to prevent external DDOS via fetch
Diffstat (limited to 'inc/common.php')
| -rw-r--r-- | inc/common.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/inc/common.php b/inc/common.php index 471eb91b5..27f90b53b 100644 --- a/inc/common.php +++ b/inc/common.php @@ -436,6 +436,10 @@ function exportlink($id = '', $format = 'raw', $more = '', $abs = false, $sep = function ml($id = '', $more = '', $direct = true, $sep = '&', $abs = false) { global $conf; if(is_array($more)) { + // add token for resized images + if($more['w'] || $more['h']){ + $more['tok'] = media_get_token($id,$more['w'],$more['h']); + } // strip defaults for shorter URLs if(isset($more['cache']) && $more['cache'] == 'cache') unset($more['cache']); if(!$more['w']) unset($more['w']); |