diff --git a/op/op.TimelineFeedPreview.php b/op/op.TimelineFeedPreview.php index 610cc506c..183b3d4b7 100644 --- a/op/op.TimelineFeedPreview.php +++ b/op/op.TimelineFeedPreview.php @@ -38,13 +38,11 @@ require_once("SeedDMS/Preview.php"); if(empty($_GET['hash'])) exit; -$token = new SeedDMS_JwtToken($settings->_extensions['encryptionKey']); +$token = new SeedDMS_JwtToken($settings->_encryptionKey); if(!($tokenstr = $token->jwtDecode($_GET['hash']))) exit; $tokendata = json_decode($tokenstr, true); -print_r($tokendata); -exit; if (!isset($tokendata['d']) || !is_numeric($tokendata['d'])) { exit; diff --git a/views/bootstrap/class.TimelineFeed.php b/views/bootstrap/class.TimelineFeed.php index b31319a68..050af1000 100644 --- a/views/bootstrap/class.TimelineFeed.php +++ b/views/bootstrap/class.TimelineFeed.php @@ -39,6 +39,7 @@ class SeedDMS_View_TimelineFeed extends SeedDMS_Theme_Style { function show() { /* {{{ */ $dms = $this->params['dms']; $user = $this->params['user']; + $settings = $this->params['settings']; $httproot = $this->params['httproot']; $skip = $this->params['skip']; $fromdate = $this->params['fromdate']; @@ -132,7 +133,10 @@ class SeedDMS_View_TimelineFeed extends SeedDMS_Theme_Style { $version = $doc->getContentByVersion($item['version']); $previewer->createPreview($version); if($previewer->hasPreview($version)) { - $newItem->addElement('enclosure', null, array('url' => $baseurl.'op/op.TimelineFeedPreview.php?documentid='.$item['document']->getId().'&version='.$version->getVersion().'&width='.$previewwidthdetail, 'length'=>$previewer->getFileSize($version), 'type'=>'image/png')); + $token = new SeedDMS_JwtToken($settings->_encryptionKey); + $data = array('d'=>$doc->getId(), 'v'=>$item['version'], 'u'=>$user->getId(), 'w'=>$previewwidthdetail,); + $hash = $token->jwtEncode($data); + $newItem->addElement('enclosure', null, array('url' => $baseurl.'op/op.TimelineFeedPreview.php?hash='.$hash, 'length'=>$previewer->getFileSize($version), 'type'=>'image/png')); } } $feed->addItem($newItem);