From: eileenmcnaugton Date: Mon, 31 Aug 2015 21:53:43 +0000 (+1200) Subject: comment & formatting fixes X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=1a7d2e924ccfa3ccd67e8f822ac52ceadb4aad12;p=civicrm-core.git comment & formatting fixes --- diff --git a/CRM/Contact/Page/ImageFile.php b/CRM/Contact/Page/ImageFile.php index 453dd0794d..c978901dcf 100644 --- a/CRM/Contact/Page/ImageFile.php +++ b/CRM/Contact/Page/ImageFile.php @@ -38,6 +38,11 @@ class CRM_Contact_Page_ImageFile extends CRM_Core_Page { */ private $ttl = 43200; + /** + * Run page. + * + * @throws \Exception + */ public function run() { if (!preg_match('/^[^\/]+\.(jpg|jpeg|png|gif)$/i', $_GET['photo'])) { CRM_Core_Error::fatal('Malformed photo name'); @@ -49,6 +54,7 @@ class CRM_Contact_Page_ImageFile extends CRM_Core_Page { 1 => array("%" . $_GET['photo'], 'String'), ); $dao = CRM_Core_DAO::executeQuery($sql, $params); + $cid = NULL; while ($dao->fetch()) { $cid = $dao->id; } @@ -67,6 +73,8 @@ class CRM_Contact_Page_ImageFile extends CRM_Core_Page { } /** + * Download image. + * * @param string $file * Local file path. * @param string $mimeType @@ -77,7 +85,8 @@ class CRM_Contact_Page_ImageFile extends CRM_Core_Page { if (!file_exists($file)) { header("HTTP/1.0 404 Not Found"); return; - } elseif (!is_readable($file)) { + } + elseif (!is_readable($file)) { header('HTTP/1.0 403 Forbidden'); return; }