The page that you have requested could not be found.
"); } require_once('../../fire.php'); $ftype = $lol->files->type($orig_path); #check to see if we're attempting a resize. if(!empty($options)) { foreach($options as $option) { switch(TRUE) { case ($option=='admin-no-track'): if($lol->plugins->lolp_access->user->group_id<8) { $track = FALSE; } break; case ($option=='debug'): //! Avallo Print_R() if($_SERVER["REMOTE_ADDR"]=="23.25.151.126") { $avallo_pr = ''; $avallo_pr .= "On: ".__FILE__."\n"; $avallo_pr .= "Line: ".__LINE__."\n"; $avallo_pr .= "'; if($avallo_mail ==TRUE) { mail((is_string($mail)?$mail:"aaron@avallo.com"),"Avallo pr ($_SERVER[HTTP_HOST])",$avallo_pr); } elseif($avallo_ret ==TRUE) { return $avallo_pr; } elseif($avallo_echo ==TRUE) { echo $avallo_pr; } else { die($avallo_pr); } } break; case ($ftype=='image/svg+xml' || substr($orig_path, -4)=='.svg'): $cache_file = $_SERVER['DOCUMENT_ROOT'].'/cms-files/'.$option.'/'.$file; copy($orig_path, $cache_file); if(file_exists($cache_file) && !in_array($_SERVER['REQUEST_URI'], $_SESSION['lolp']['cms']['stop_redirect'])) { $_SESSION['lolp']['cms']['stop_redirect'][] = $_SERVER['REQUEST_URI']; header('Location: '.$_SERVER['REQUEST_URI']); die(); } else { die('error creating cache file'); } break; case (substr($ftype,0,6) == "image/" && in_array($opt=substr($option, 0,5), array('crop-','size-'))): if(!isset($size_crop)) { $size_crop = TRUE; #Load the original image into image_gd. $lol->image_gd->set_image_asFile($orig_path); #check cache $cache_file = $_SERVER['DOCUMENT_ROOT'].'/cms-files/'.$option.'/'; if($track || $secure) { $cache_file = $root.'user_content/cache/'.$option.'/'; } if(!file_exists($cache_file)) { mkdir($cache_file,0777,TRUE); } $cache_file .= $file; #if the cached version of this file does not exist, make the sized copy of it if(!file_exists($cache_file)) { #Get & Validate the requested height & width $hw = substr($option, 5); $hw2 = explode('x', $hw); $hw2 = ((int)$hw2[0]/2).'x'.((int)$hw2[1]/2); $approved_sizes = (isset($_SESSION['lolp']['cms']['image_sizes'])?array_keys($_SESSION['lolp']['cms']['image_sizes']):FALSE); if(!empty($approved_sizes) && (in_array($hw, $approved_sizes) || in_array($hw2, $approved_sizes))) { list($h,$w) = explode('x', $hw); if($opt=='crop-') { $lol->image_gd->resize_center_crop($h,$w); $image_modified = TRUE; } elseif($opt=='size-') { $lol->image_gd->resize_prop($h,$w); $image_modified = TRUE; } } else { die('not allowed to make image at this size.'); } } } break; } } #write this cached file if we have cropped, resized. if(!empty($image_modified)) { #get the file type $type = substr($ftype,6); if(!in_array($type, array('png','gif','jpeg'))) { $type = 'png'; } #Save the file $method = 'save_'.$type; switch($type) { default: $lol->image_gd->{$method}($cache_file); break; case 'jpeg': $lol->image_gd->{$method}($cache_file,TRUE,80); break; case 'png': $lol->image_gd->{$method}($cache_file,TRUE,9); break; } #As long as we made a cache file, we are not recording this load, and the file is not secure, header over to that cached file. if(file_exists($cache_file) && !$track && !$secure) { #This was just a resize (or crop) request, so redirect to the cached file which is now made. header('Location: '.str_replace($_SERVER['DOCUMENT_ROOT'], '', $cache_file)); die(); } } } if($track || $secure) { $fid = 0; #We need to get into the database, so gain access to $lol. require_once('../../fire.php'); #Get the security level & validate if($secure) { $sql = "SELECT L.`permission`, F.`file_id` FROM `cms_content_files` F INNER JOIN `cms_content_live` L ON(F.`content_id` = L.`content_id`) WHERE F.`filename`='$file'"; $level = $lol->db->qry($sql); $level = current($level); $fid = $level['file_id']; $level = $level['permission']; $user_groups = $lol->plugins->lolp_access->user_groups(); $user_groups = (!empty($user_groups)?array_keys($user_groups):[]); $page_groups = json_decode($level,TRUE); $has_groups = array_intersect($page_groups,$user_groups); # faild check if(empty($has_groups)) { header('HTTP/1.0 401 Unauthorized'); die("
"; $avallo_ret = FALSE; $avallo_mail = FALSE; $avallo_echo = FALSE; $avallo_pr .= print_r(array( "original" => array( 'type' => $ftype, 'path' => $orig_path, ), 'options' => array( 'track' => $track, 'secure' => $secure, 'crop' => $crop, 'resize' => $resize, ), ),TRUE); $avallo_pr .= '
You need to be logged in to view this file.
"); } } #log a track event, if the file should be tracked if($track) { $id = (int)$lol->plugins->lolp_access->user->lolp_access_id; $ua = $lol->user_agent_advanced->getall(); $id = $lol->db->esc($id); $ip = $lol->db->esc($ua['ip']); $os = $lol->db->esc($ua['os']); $file = $lol->db->esc($file); $browser = $lol->db->esc($ua['browser']); $sql = "INSERT INTO `cms_file_track` (`file_id`,`file_name`,`lolp_access_id`,`os`,`browser`,`ip`,`datetime`) VALUES ($fid,'$file',$id,'$os','$browser','$ip',NOW())"; $lol->db->qry($sql); } } if($cache_file) { $orig_path = $cache_file; } $download_rate = 100; // 100 KB if(in_array("download",$options)) { header('Cache-control: private'); header('Content-Type: application/octet-stream'); header('Content-Length: '.filesize($orig_path)); header('Content-Disposition: filename='.basename($orig_path)); } else { header('Content-Type: '.$ftype); header('Content-Length: '.filesize($orig_path)); } flush(); $resource = fopen($orig_path, "r"); while(!feof($resource)) { print fread($resource, round($download_rate * 1024)); flush(); } fclose($resource); } else { header("HTTP/1.1 401 Unauthorized"); die("