1 files changed, 55 insertions, 0 deletions

diff --git a/htdocs/postimages.php b/htdocs/postimages.php
new file mode 100644
index 0000000..375e8d7
--- /dev/null
+++ b/htdocs/postimages.php
@@ -0,0 +1,55 @@
+<?php
+
+/* Foursquare Community Site
+ * 
+ * Copyright (C) 2011 Foursquare Church.
+ * 
+ * Developers: Jesse Morgan <jmorgan@foursquarestaff.com>
+ *
+ */
+
+require_once "src/base.inc.php";
+
+// Make sure we had a path info
+if (!isset($_SERVER['PATH_INFO'])) {
+    errorNotFound();
+}
+
+// Clean up the id in the path info.
+$id = substr($_SERVER['PATH_INFO'], 1);
+
+if (!is_numeric($id)) {
+    errorNotFound();
+}
+
+// Get the post.
+$post = Post::getByImage($id);
+
+if (!$post or 
+    (!isset($_SESSION['currentUser']) and $post->getStage() != 'approved')) {
+    errorNotFound();
+}
+
+// Check if file exists.
+$file = $CONFIG['uploads'] . "/$id";
+
+if (!file_exists($file)) {
+    echo $file;
+    errorNotFound();
+}
+
+// Output the file
+$info = getimagesize($file);
+header('Content-Type: ' . $info['mime']);
+header('Content-Transfer-Encoding: binary');
+header('Content-Length: ' . filesize($file));
+readfile($file);
+exit;
+
+function errorNotFound() {
+    header("HTTP/1.0 404 Not Found");
+    exit;
+}
+
+?>
+