2019-02-27 14:46:18 +00:00
|
|
|
<?php
|
2019-03-18 22:02:30 +00:00
|
|
|
$userAssetsMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
2019-02-27 14:46:18 +00:00
|
|
|
$misuzuBypassLockdown = $userAssetsMode === 'avatar';
|
|
|
|
|
|
|
|
|
|
require_once '../misuzu.php';
|
|
|
|
|
|
2019-03-18 22:03:40 +00:00
|
|
|
$userId = !empty($_GET['u']) && is_string($_GET['u']) ? (int)$_GET['u'] : 0;
|
2019-02-27 14:46:18 +00:00
|
|
|
$userExists = user_exists($userId);
|
|
|
|
|
|
|
|
|
|
$canViewImages = !$userExists
|
|
|
|
|
|| !user_warning_check_expiration($userId, MSZ_WARN_BAN)
|
|
|
|
|
|| (
|
2019-02-28 21:52:39 +00:00
|
|
|
parse_url($_SERVER['HTTP_REFERER'] ?? '', PHP_URL_PATH) === url('user-profile')
|
2019-02-27 19:24:17 +00:00
|
|
|
&& perms_check_user(MSZ_PERMS_USER, user_session_current('user_id', 0), MSZ_PERM_USER_MANAGE_USERS)
|
2019-02-27 14:46:18 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
switch ($userAssetsMode) {
|
|
|
|
|
case 'avatar':
|
|
|
|
|
if (!$canViewImages) {
|
|
|
|
|
$filename = config_get_default(MSZ_ROOT . '/public/images/banned-avatar.png', 'Avatar', 'banned_path');
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$filename = config_get_default(MSZ_ROOT . '/public/images/no-avatar.png', 'Avatar', 'default_path');
|
|
|
|
|
|
|
|
|
|
if (!$userExists) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$dimensions = 200;
|
|
|
|
|
$avatarFilename = sprintf('%d.msz', $userId);
|
|
|
|
|
$avatarStorage = sprintf('%1$s/avatars/%2$dx%2$d', MSZ_STORAGE, $dimensions);
|
|
|
|
|
$avatarCropped = sprintf('%s/%s', $avatarStorage, $avatarFilename);
|
|
|
|
|
|
|
|
|
|
if (is_file($avatarCropped)) {
|
|
|
|
|
$filename = $avatarCropped;
|
|
|
|
|
} else {
|
|
|
|
|
$avatarOriginal = sprintf('%s/avatars/original/%s', MSZ_STORAGE, $avatarFilename);
|
|
|
|
|
|
|
|
|
|
if (is_file($avatarOriginal)) {
|
|
|
|
|
try {
|
|
|
|
|
mkdirs($avatarStorage, true);
|
|
|
|
|
|
2019-03-25 13:24:10 +00:00
|
|
|
$avatarImage = new Imagick($avatarOriginal);
|
|
|
|
|
$avatarImage->setImageFormat($avatarImage->getNumberImages() > 1 ? 'gif' : 'png');
|
|
|
|
|
$avatarImage = $avatarImage->coalesceImages();
|
|
|
|
|
|
|
|
|
|
$avatarOriginalWidth = $avatarImage->getImageWidth();
|
|
|
|
|
$avatarOriginalHeight = $avatarImage->getImageHeight();
|
|
|
|
|
|
|
|
|
|
if ($avatarOriginalWidth > $avatarOriginalHeight) {
|
|
|
|
|
$avatarWidth = $avatarOriginalWidth * $dimensions / $avatarOriginalHeight;
|
|
|
|
|
$avatarHeight = $dimensions;
|
|
|
|
|
} else {
|
|
|
|
|
$avatarWidth = $dimensions;
|
|
|
|
|
$avatarHeight = $avatarOriginalHeight * $dimensions / $avatarOriginalWidth;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
do {
|
|
|
|
|
$avatarImage->resizeImage(
|
|
|
|
|
$avatarWidth,
|
|
|
|
|
$avatarHeight,
|
|
|
|
|
Imagick::FILTER_LANCZOS,
|
|
|
|
|
0.9
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$avatarImage->cropImage(
|
|
|
|
|
$dimensions,
|
|
|
|
|
$dimensions,
|
|
|
|
|
($avatarWidth - $dimensions) / 2,
|
|
|
|
|
($avatarHeight - $dimensions) / 2
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$avatarImage->setImagePage(
|
|
|
|
|
$dimensions,
|
|
|
|
|
$dimensions,
|
|
|
|
|
0,
|
|
|
|
|
0
|
|
|
|
|
);
|
|
|
|
|
} while ($avatarImage->nextImage());
|
|
|
|
|
|
|
|
|
|
$avatarImage->deconstructImages()->writeImages($filename = $avatarCropped, true);
|
2019-02-27 14:46:18 +00:00
|
|
|
} catch (Exception $ex) {
|
2019-03-25 13:24:10 +00:00
|
|
|
// report error
|
2019-02-27 14:46:18 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'background':
|
|
|
|
|
if (!$canViewImages && !$userExists) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$backgroundStorage = sprintf('%s/backgrounds/original', MSZ_STORAGE);
|
|
|
|
|
$filename = sprintf('%s/%d.msz', $backgroundStorage, $userId);
|
|
|
|
|
mkdirs($backgroundStorage, true);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (empty($filename) || !is_file($filename)) {
|
|
|
|
|
http_response_code(404);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$entityTag = sprintf('W/"{%s-%d-%d}"', $userAssetsMode, $userId, filemtime($filename));
|
|
|
|
|
|
|
|
|
|
if (!empty($_SERVER['HTTP_IF_NONE_MATCH']) && $_SERVER['HTTP_IF_NONE_MATCH'] === $entityTag) {
|
|
|
|
|
http_response_code(304);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
http_response_code(200);
|
|
|
|
|
header(sprintf('Content-Type: %s', mime_content_type($filename)));
|
|
|
|
|
header(sprintf('ETag: %s', $entityTag));
|
|
|
|
|
echo file_get_contents($filename);
|
