diff options
| author | Klap-in <klapinklapin@gmail.com> | 2013-08-01 23:06:03 +0200 |
|---|---|---|
| committer | Klap-in <klapinklapin@gmail.com> | 2013-08-01 23:06:03 +0200 |
| commit | cc036f74ff14c387f24d72f5a52f2f158208846e (patch) | |
| tree | de0101ebce96622162dd8544f001783b395b9353 /inc/common.php | |
| parent | 4002c084d5e2ffc82739870cb9f107644d9787ff (diff) | |
| download | rpg-cc036f74ff14c387f24d72f5a52f2f158208846e.tar.gz rpg-cc036f74ff14c387f24d72f5a52f2f158208846e.tar.bz2 | |
remove hash for external images, but use token url parameter instead
Diffstat (limited to 'inc/common.php')
| -rw-r--r-- | inc/common.php | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/inc/common.php b/inc/common.php index 1b4d9e8e4..a34cf96c0 100644 --- a/inc/common.php +++ b/inc/common.php @@ -148,7 +148,7 @@ function pageinfo() { $info['id'] = $ID; $info['rev'] = $REV; - if(isset($_SERVER['REMOTE_USER'])) {
+ if(isset($_SERVER['REMOTE_USER'])) { $sub = new Subscription(); $info['subscribed'] = $sub->user_subscription(); } else { @@ -474,7 +474,7 @@ function ml($id = '', $more = '', $direct = true, $sep = '&', $abs = false) if(is_array($more)) { // add token for resized images - if($more['w'] || $more['h']){ + if($more['w'] || $more['h'] || $isexternalimage){ $more['tok'] = media_get_token($id,$more['w'],$more['h']); } // strip defaults for shorter URLs @@ -485,12 +485,13 @@ function ml($id = '', $more = '', $direct = true, $sep = '&', $abs = false) $more = buildURLparams($more, $sep); } else { $matches = array(); - if (preg_match_all('/\b(w|h)=(\d*)\b/',$more,$matches,PREG_SET_ORDER)){ + if (preg_match_all('/\b(w|h)=(\d*)\b/',$more,$matches,PREG_SET_ORDER) || $isexternalimage){ $resize = array('w'=>0, 'h'=>0); foreach ($matches as $match){ $resize[$match[1]] = $match[2]; } - $more .= $sep.'tok='.media_get_token($id,$resize['w'],$resize['h']); + $more .= $more === '' ? '' : $sep; + $more .= 'tok='.media_get_token($id,$resize['w'],$resize['h']); } $more = str_replace('cache=cache', '', $more); //skip default $more = str_replace(',,', ',', $more); @@ -506,14 +507,8 @@ function ml($id = '', $more = '', $direct = true, $sep = '&', $abs = false) // external URLs are always direct without rewriting if($isexternalimage) { $xlink .= 'lib/exe/fetch.php'; - // add hash: - $xlink .= '?hash='.substr(PassHash::hmac('md5', $id, auth_cookiesalt()), 0, 6); - if($more) { - $xlink .= $sep.$more; - $xlink .= $sep.'media='.rawurlencode($id); - } else { - $xlink .= $sep.'media='.rawurlencode($id); - } + $xlink .= '?'.$more; + $xlink .= $sep.'media='.rawurlencode($id); return $xlink; } |