diff options
| author | Minteck <minteck@phoenixnet.tech> | 2021-10-31 12:30:56 +0100 |
|---|---|---|
| committer | Minteck <minteck@phoenixnet.tech> | 2021-10-31 12:30:56 +0100 |
| commit | 9eabae58420ecb3cc289d6d7ff4c2414f9c63370 (patch) | |
| tree | 055f950af077d2be7f65ae1f3b2a11362f0d3556 /cdn | |
| download | movies-9eabae58420ecb3cc289d6d7ff4c2414f9c63370.tar.gz movies-9eabae58420ecb3cc289d6d7ff4c2414f9c63370.tar.bz2 movies-9eabae58420ecb3cc289d6d7ff4c2414f9c63370.zip | |
Initial commit
Diffstat (limited to 'cdn')
| -rw-r--r-- | cdn/image/index.php | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/cdn/image/index.php b/cdn/image/index.php new file mode 100644 index 0000000..0a38aee --- /dev/null +++ b/cdn/image/index.php @@ -0,0 +1,28 @@ +<?php + +require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/session.php"; + +if (!isset($_GET['i'])) { + die(); +} + +if (strpos($_GET['i'], ".") !== false || strpos($_GET['i'], "/") !== false) { + die(); +} + +if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/films/poster/" . $_GET['i'] . ".png")) { + $file = $_SERVER['DOCUMENT_ROOT'] . "/data/films/poster/" . $_GET['i'] . ".png"; +} else { + $file = $_SERVER['DOCUMENT_ROOT'] . "/data/films/poster/\$default\$.png"; +} + +header('Content-Description: File Transfer'); +header('Content-Type: ' . mime_content_type($file)); +header('Content-Transfer-Encoding: binary'); +header('Expires: 0'); +header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); +header('Pragma: public'); +ob_clean(); +flush(); +readfile($file); +exit;
\ No newline at end of file |