1 files changed, 31 insertions, 0 deletions
diff --git a/comic.php b/comic.php
new file mode 100644
index 0000000..352060b
--- /dev/null
+++ b/comic.php

@@ -0,0 +1,31 @@
+<?php
+include('includes/db.php');
+if (!isset($_GET['id']))
+{
+        header('Location: /');
+        exit;
+}
+$getcomic = "SELECT * FROM comics WHERE filename = \"" . $_GET['id'] . ".png\"";
+$getcomic2 = mysql_query($getcomic);
+$getcomic3 = mysql_fetch_array($getcomic2);
+if ($getcomic3['filename'] != ($_GET['id'] . '.png'))
+{
+        header('Location: /');
+        exit;
+}
+if ($getcomic3['status'] != 'publish')
+{
+        header('Location: /');
+        exit;
+}
+header('Content-type: image/png');
+readfile($_SERVER['DOCUMENT_ROOT'] . '/images/comics/' . $_GET['id'] . '.png');
+?>

diff --git a/comic.php b/comic.php new file mode 100644 index 0000000..352060b --- /dev/null +++ b/comic.php
@@ -0,0 +1,31 @@
	1	<?php
	2
	3	include('includes/db.php');
	4
	5	if (!isset($_GET['id']))
	6	{
	7	header('Location: /');
	8	exit;
	9	}
	10
	11	$getcomic = "SELECT * FROM comics WHERE filename = \"" . $_GET['id'] . ".png\"";
	12	$getcomic2 = mysql_query($getcomic);
	13	$getcomic3 = mysql_fetch_array($getcomic2);
	14
	15	if ($getcomic3['filename'] != ($_GET['id'] . '.png'))
	16	{
	17	header('Location: /');
	18	exit;
	19	}
	20
	21	if ($getcomic3['status'] != 'publish')
	22	{
	23	header('Location: /');
	24	exit;
	25	}
	26
	27	header('Content-type: image/png');
	28
	29	readfile($_SERVER['DOCUMENT_ROOT'] . '/images/comics/' . $_GET['id'] . '.png');
	30
	31	?>