<?
# Slashster: Open Source Friend of a Friend Software
# Copyright 2004 Mark El-Wakil
# Contact: hide@address.com
# http://seventhcycle.net
#
# This file is part of Slashster.
#
# Slashster is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Slashster is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Slashster; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
import_request_variables("gPc");
$mdir = "userpics";
if ($_COOKIE['PHPSESSID'])
$idins = $_COOKIE['PHPSESSID'];
elseif ($_GET['PHPSESSID'])
$idins = $_GET['PHPSESSID'];
elseif ($_POST['PHPSESSID'])
$idins = $_POST['PHPSESSID'];
else
$idins = md5(microtime() . $_SERVER['REMOTE_ADDR']);
if (!$_COOKIE['PHPSESSID']) session_id($idins);
session_start();
if ($_SESSION[LoggedIn] && file_exists("$mdir/$fld") || 1)
{
$sp = explode("-", $fld);
$lvl = FindLevel($sp[1]);
if ($lvl != "-1" || $sp[0] == 0)
{
session_write_close();
header("Cache-control: private");
header("Content-Type: image/jpeg");
header("Content-Length: ".filesize("$mdir/$fld"));
readfile("$mdir/$fld");
}
else
{
header("HTTP/1.0 404 Not Found");
}
}
elseif (!$_SESSION[LoggedIn] && file_exists("$mdir/$fld"))
{
session_write_close();
header("Content-Type: image/jpeg");
readfile("images/pleaselogin.jpg");
}
else
{
header("HTTP/1.0 404 Not Found");
}
exit;
function FindLevel($v)
{
$level = -1;
$ct = 1;
if ($_SESSION[userid] == $v) return 0;
while ( sizeof( $_SESSION["flv-" . $ct] ) )
{
$f = $_SESSION["flv-" . $ct];
if ($f[$v]) $level = $ct;
$ct++;
}
return $level;
}
?>