file_url(true); $thumb_url = $item->thumb_url(true); } else { $proxy = ORM::factory("addthis_proxy"); $proxy->uuid = md5(rand()); $proxy->item_id = $item->id; $proxy->save(); $full_url = url::abs_site("addthis/print_proxy/full/$proxy->uuid"); $thumb_url = url::abs_site("addthis/print_proxy/thumb/$proxy->uuid"); } $v = new View("addthis_form.html"); $v->order_parms = array( "addthis_api_version" => "100", "company_id" => module::get_var("addthis", "company_id"), "event_id" => module::get_var("addthis", "event_id"), "cmd" => "addimg", "partner_code" => "69", "return_url" => url::abs_site("addthis/close_window"), "num_images" => "1", "image_1" => $full_url, "thumb_1" => $thumb_url, "image_height_1" => $item->height, "image_width_1" => $item->width, "thumb_height_1" => $item->thumb_height, "thumb_width_1" => $item->thumb_width, "title_1" => html::purify($item->title)); print $v; } public function print_proxy($type, $id) { // If its a request for the full size then make sure we are coming from an // authorized address if ($type == "full") { $remote_addr = ip2long($this->input->server("REMOTE_ADDR")); if ($remote_addr === false) { Kohana::show_404(); } $config = Kohana::config("addthis"); $authorized = false; foreach ($config["ranges"] as $ip_range) { $low = ip2long($ip_range["low"]); $high = ip2long($ip_range["high"]); $authorized = $low !== false && $high !== false && $low <= $remote_addr && $remote_addr <= $high; if ($authorized) { break; } } if (!$authorized) { Kohana::show_404(); } } $proxy = ORM::factory("addthis_proxy", array("uuid" => $id)); if (!$proxy->loaded || !$proxy->item->loaded) { Kohana::show_404(); } $file = $type == "full" ? $proxy->item->file_path() : $proxy->item->thumb_path(); if (!file_exists($file)) { kohana::show_404(); } // We don't need to save the session for this request Session::abort_save(); if (!TEST_MODE) { // Dump out the image header("Content-Type: $proxy->item->mime_type"); Kohana::close_buffers(false); $fd = fopen($file, "rb"); fpassthru($fd); fclose($fd); // If the request was for the image and not the thumb, then delete the proxy. if ($type == "full") { $proxy->delete(); } } $this->_clean_expired(); } public function close_window() { print ""; } private function _clean_expired() { Database::instance()->query( "DELETE FROM {addthis_proxies} " . "WHERE request_date <= (CURDATE() - INTERVAL 10 DAY) " . "LIMIT 20"); } }