2
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/view_jpeg_photo.php,v 1.11.2.3 2008/12/12 12:20:22 wurley Exp $
3
* This script will display the contents of the jpegPhoto attribute to the browser.
4
* A server ID and DN must be provided in the GET attributes.
5
* Optionally an attr name, index, type and filename can be supplied.
5
7
* @package phpLDAPadmin
10
14
require './common.php';
13
$file['name'] = get_request('file','GET');
15
/* Security check (we don't want anyone tryting to get at /etc/passwd or something)
16
* Slashes and dots are not permitted in these names.
18
if (! preg_match('/^pla/',$file['name']) || preg_match('/[\.\/\\\\]/',$file['name']))
19
error(sprintf('%s: %s',_('Unsafe file name'),htmlspecialchars($file['name'])),'error','index.php');
21
/* Little security measure here (prevents users from accessing
22
files, like /etc/passwd for example).*/
23
$file['name'] = basename(addcslashes($file['name'],'/\\'));
24
$file['name'] = sprintf('%s/%s',$_SESSION[APPCONFIG]->GetValue('jpeg','tmpdir'),$file['name']);
25
if (! file_exists($file['name']))
26
error(sprintf('%s%s %s',_('No such file'),_(':'),htmlspecialchars($file['name'])),'error','index.php');
28
$file['handle'] = fopen($file['name'],'r');
29
$file['data'] = fread($file['handle'],filesize($file['name']));
30
fclose($file['handle']);
17
$request['dn'] = get_request('dn','GET');
18
$request['attr'] = strtolower(get_request('attr','GET',false,'jpegphoto'));
19
$request['index'] = get_request('index','GET',false,0);
20
$request['type'] = get_request('type','GET',false,'image/jpeg');
21
$request['filename'] = get_request('filename','GET',false,sprintf('%s.jpg',get_rdn($request['dn'],true)));
22
$request['location'] = get_request('location','GET',false,'ldap');
24
switch ($request['location']) {
26
if (isset($_SESSION['tmp'][$request['attr']][$request['index']])) {
27
$jpeg_data = $_SESSION['tmp'];
28
unset($_SESSION['tmp'][$request['attr']][$request['index']]);
35
$jpeg_data = $app['server']->getDNAttrValues($request['dn'],null,LDAP_DEREF_NEVER,array($request['attr']));
40
if (! isset($jpeg_data[$request['attr']][$request['index']])) {
41
if (function_exists('imagecreate')) {
42
$im = imagecreate(160,30);
43
if (is_resource($im)) {
44
header('Content-type: image/png');
47
imagecolorallocatealpha($im,0xFC,0xFC,0xFE,127);
48
$text_color = imagecolorallocate($im,0,0,0);
49
imagestring($im,4,3,5,_('Image not available'),$text_color);
57
# We cant display an error, but we can set a system message, which will be display on the next page render.
59
'title'=>_('No image available'),
60
'body'=>sprintf(_('Could not fetch jpeg data from LDAP server for attribute [%s].'),$request['attr']),
66
if (! is_array($jpeg_data[$request['attr']]))
67
$jpeg_data[$request['attr']] = array($jpeg_data[$request['attr']]);
32
69
$obStatus = ob_get_status();
33
70
if (isset($obStatus['type']) && $obStatus['type'] && $obStatus['status'])
36
Header('Content-type: image/jpeg');
37
Header('Content-disposition: inline; filename=jpeg_photo.jpg');
73
header(sprintf('Content-type: %s',$request['type']));
74
header(sprintf('Content-disposition: inline; filename="%s"',$request['filename']));
75
echo $jpeg_data[$request['attr']][$request['index']];