diff options
Diffstat (limited to 'www-ssl_old/ShowUserPicture.php')
-rw-r--r-- | www-ssl_old/ShowUserPicture.php | 56 |
1 files changed, 0 insertions, 56 deletions
diff --git a/www-ssl_old/ShowUserPicture.php b/www-ssl_old/ShowUserPicture.php deleted file mode 100644 index 5a222c07..00000000 --- a/www-ssl_old/ShowUserPicture.php +++ /dev/null @@ -1,56 +0,0 @@ -<?php -// Momentan keine Avatar-Funktionen -die(); - -require_once ('bootstrap.php'); - -include "config/config.php"; -include "includes/error_handler.php"; -include "config/config_db.php"; - -if (!isset ($_SESSION)) - session_start(); - -include "includes/secure.php"; - -// Parameter check -if (!isset ($_GET["UID"])) - $_GET["UID"] = "-1"; - -$SQL = "SELECT * FROM `UserPicture` WHERE `UID`='" . $_GET["UID"] . "'"; -$res = mysql_query($SQL, $con); - -if (mysql_num_rows($res) == 1) { - // genuegend rechte - if (!isset ($_SESSION['UID']) || $_SESSION['UID'] == -1) { - header("HTTP/1.0 403 Forbidden"); - die("403 Forbidden"); - } - - // ist das bild sichtbar? - if ((mysql_result($res, 0, "show") == "N") AND ($_SESSION['UID'] != $_GET["UID"]) AND ($_SESSION['CVS']["admin/UserPicture.php"] == "N")) { - $SQL = "SELECT * FROM `UserPicture` WHERE `UID`='-1'"; - $res = mysql_query($SQL, $con); - - if (mysql_num_rows($res) != 1) { - header("HTTP/1.0 404 Not Found"); - die("404 Not Found"); - } - } - - // bild aus db auslesen - $bild = mysql_result($res, 0, "Bild"); - - // ausgabe bild - header("Accept-Ranges: bytes"); - header("Content-Length: " . strlen($bild)); - header("Content-type: " . mysql_result($res, 0, "ContentType")); - header("Cache-control: public"); - header("Cache-request-directive: min-fresh = 120"); - header("Cache-request-directive: max-age = 360"); - echo $bild; -} else { - header("HTTP/1.0 404 Not Found"); - die("404 Not Found"); -} -?> |