projects
/
phpfspot.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
issue60, make sure provided photo id is numeric
[phpfspot.git]
/
phpfspot_img.php
diff --git
a/phpfspot_img.php
b/phpfspot_img.php
index 194b534ba63e61d9258ea0a1ce621d35673581f4..5747b736a4d36defaa611f3c875a6facaa80cf30 100644
(file)
--- a/
phpfspot_img.php
+++ b/
phpfspot_img.php
@@
-56,10
+56,13
@@
class PHPFSPOT_IMG {
*/
public function show($idx, $width = 0)
{
*/
public function show($idx, $width = 0)
{
+ if($idx == 'rand')
+ $idx = $this->parent->get_random_photo();
+
$details = $this->parent->get_photo_details($idx);
if(!$details) {
$details = $this->parent->get_photo_details($idx);
if(!$details) {
- $this->parent->showTextImage("The image you requested is unknown");
+ $this->parent->showTextImage("The image
(". $idx .")
you requested is unknown");
return;
}
return;
}
@@
-103,7
+106,10
@@
class PHPFSPOT_IMG {
Header("Content-Disposition: inline; filename=\"". $details['name'] ."\"");
Header("Accept-Ranges: bytes");
Header("Connection: close");
Header("Content-Disposition: inline; filename=\"". $details['name'] ."\"");
Header("Accept-Ranges: bytes");
Header("Connection: close");
-
+ Header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+ Header("Cache-Control: no-cache");
+ Header("Pragma: no-cache");
+
$file = fopen($fullpath, "rb");
fpassthru($file);
@fclose($file);
$file = fopen($fullpath, "rb");
fpassthru($file);
@fclose($file);
@@
-112,7
+118,7
@@
class PHPFSPOT_IMG {
}
}
-if(isset($_GET['idx']) &&
is_numeric($_GET['idx']
)) {
+if(isset($_GET['idx']) &&
(is_numeric($_GET['idx']) || $_GET['idx'] == 'rand'
)) {
$img = new PHPFSPOT_IMG;
$img = new PHPFSPOT_IMG;