-
Jared Hancock authored
Process inline attachments in thread entry and support inline images in piped emails Support inline images across the system, with draft support Migrate to a single attachment table That way we don't need a new table for everything we need to attach an inline image to (like a signature, for instance) Add richtext support for internal notes Implement images on site pages * Image paste in Redactor * Make non-local images optional * Placeholder for non-local images * Fix local image download hover * Don't re-attach inline images864d3539
image.php 1009 B
<?php
/*********************************************************************
image.php
Simply downloads the file...on hash validation as follows;
* Hash must be 64 chars long.
* First 32 chars is the perm. file hash
* Next 32 chars is md5(file_id.session_id().file_hash)
Peter Rotich <peter@osticket.com>
Copyright (c) 2006-2013 osTicket
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
require('client.inc.php');
require_once(INCLUDE_DIR.'class.file.php');
$h=trim($_GET['h']);
//basic checks
if(!$h || strlen($h)!=64 //32*2
|| !($file=AttachmentFile::lookup(substr($h,0,32))) //first 32 is the file hash.
|| strcasecmp($h, $file->getDownloadHash())) //next 32 is file id + session hash.
Http::response(404, 'Unknown or invalid file');
$file->display();
?>