diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/digibug/controllers/digibug.php | 7 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery.php | 8 |
2 files changed, 9 insertions, 6 deletions
diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php index 3c2bb115..88d1ace0 100644 --- a/modules/digibug/controllers/digibug.php +++ b/modules/digibug/controllers/digibug.php @@ -95,16 +95,11 @@ class Digibug_Controller extends Controller { if (!TEST_MODE) { // Dump out the image - header("Content-Type: $proxy->item->mime_type"); + header("Content-Type: {$proxy->item->mime_type}"); Kohana::close_buffers(false); $fd = fopen($file, "rb"); fpassthru($fd); fclose($fd); - - // If the request was for the image and not the thumb, then delete the proxy. - if ($type == "full") { - $proxy->delete(); - } } $this->_clean_expired(); diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php index 3cf0eacd..d7d3d9ad 100644 --- a/modules/gallery/helpers/gallery.php +++ b/modules/gallery/helpers/gallery.php @@ -25,6 +25,10 @@ class gallery_Core { * down for maintenance" page. */ static function maintenance_mode() { + // @todo: we need a mechanism here to identify controllers that are still legally accessible + // when the entire Gallery is in maintenance mode. Perhaps a controller class function or + // method? + // https://sourceforge.net/apps/trac/gallery/ticket/1411 if (Router::$controller != "login" && Router::$controller != "combined" && module::get_var("gallery", "maintenance_mode", 0) && @@ -41,8 +45,12 @@ class gallery_Core { * the login page. */ static function private_gallery() { + // @todo: we need a mechanism here to identify controllers that are still legally accessible + // when the entire Gallery is private. Perhaps a controller class function or method? + // https://sourceforge.net/apps/trac/gallery/ticket/1411 if (Router::$controller != "login" && Router::$controller != "combined" && + Router::$controller != "digibug" && identity::active_user()->guest && !access::user_can(identity::guest(), "view", item::root()) && php_sapi_name() != "cli") { |