Context Navigation

phpThumb.php @ 21

Revision 21, 25.9 kB (checked in by admin, 18 years ago)

Line
1	<?php
2
3	//////////////////////////////////////////////////////////////
4	/// phpThumb() by James Heinrich <info@silisoftware.com> //
5	// available at http://phpthumb.sourceforge.net ///
6	//////////////////////////////////////////////////////////////
7	/// //
8	// See: phpthumb.changelog.txt for recent changes //
9	// See: phpthumb.readme.txt for usage instructions //
10	// ///
11	//////////////////////////////////////////////////////////////
12
13	error_reporting(E_ALL);
14	ini_set('display_errors', '1');
15	if (!@ini_get('safe_mode')) {
16	set_time_limit(60); // shouldn't take nearly this long in most cases, but with many filter and/or a slow server...
17	}
18	ini_set('magic_quotes_runtime', '0');
19	if (@ini_get('magic_quotes_runtime')) {
20	die('"magic_quotes_runtime" is set in php.ini, cannot run phpThumb with this enabled');
21	}
22	$starttime = array_sum(explode(' ', microtime()));
23
24	// this script relies on the superglobal arrays, fake it here for old PHP versions
25	if (phpversion() < '4.1.0') {
26	$_SERVER = $HTTP_SERVER_VARS;
27	$_GET = $HTTP_GET_VARS;
28	}
29
30	// instantiate a new phpThumb() object
31	ob_start();
32	if (!include_once(dirname(__FILE__).'/phpthumb.class.php')) {
33	ob_end_flush();
34	die('failed to include_once("'.realpath(dirname(__FILE__).'/phpthumb.class.php').'")');
35	}
36	ob_end_clean();
37	$phpThumb = new phpThumb();
38	$phpThumb->DebugTimingMessage('phpThumb.php start', __FILE__, __LINE__, $starttime);
39	$phpThumb->SetParameter('config_error_die_on_error', true);
40
41	// phpThumbDebug[0] used to be here, but may reveal too much
42	// info when high_security_mode should be enabled (not set yet)
43
44	if (file_exists(dirname(__FILE__).'/phpThumb.config.php')) {
45	ob_start();
46	if (include_once(dirname(__FILE__).'/phpThumb.config.php')) {
47	// great
48	} else {
49	ob_end_flush();
50	$phpThumb->ErrorImage('failed to include_once('.dirname(__FILE__).'/phpThumb.config.php) - realpath="'.realpath(dirname(__FILE__).'/phpThumb.config.php').'"');
51	}
52	ob_end_clean();
53	} elseif (file_exists(dirname(__FILE__).'/phpThumb.config.php.default')) {
54	$phpThumb->ErrorImage('Please rename "phpThumb.config.php.default" to "phpThumb.config.php"');
55	} else {
56	$phpThumb->ErrorImage('failed to include_once('.dirname(__FILE__).'/phpThumb.config.php) - realpath="'.realpath(dirname(__FILE__).'/phpThumb.config.php').'"');
57	}
58
59	if (!@$PHPTHUMB_CONFIG['disable_pathinfo_parsing'] && (empty($_GET) \|\| isset($_GET['phpThumbDebug'])) && !empty($_SERVER['PATH_INFO'])) {
60	$_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', @$_SERVER['PHP_SELF']);
61
62	$args = explode(';', substr($_SERVER['PATH_INFO'], 1));
63	$phpThumb->DebugMessage('PATH_INFO.$args set to ('.implode(')(', $args).')', __FILE__, __LINE__);
64	if (!empty($args)) {
65	$_GET['src'] = @$args[count($args) - 1];
66	if (eregi('^new\=([a-z0-9]+)', $_GET['src'], $matches)) {
67	unset($_GET['src']);
68	$_GET['new'] = $matches[1];
69	}
70	}
71	if (eregi('^([0-9])x?([0-9])$', @$args[count($args) - 2], $matches)) {
72	$_GET['w'] = $matches[1];
73	$_GET['h'] = $matches[2];
74	$phpThumb->DebugMessage('PATH_INFO."w"x"h" set to "'.$_GET['w'].'"x"'.$_GET['h'].'"', __FILE__, __LINE__);
75	}
76	for ($i = 0; $i < count($args) - 2; $i++) {
77	@list($key, $value) = explode('=', @$args[$i]);
78	if (substr($key, -2) == '[]') {
79	$array_key_name = substr($key, 0, -2);
80	$_GET[$array_key_name][] = $value;
81	$phpThumb->DebugMessage('PATH_INFO."'.$array_key_name.'[]" = "'.$value.'"', __FILE__, __LINE__);
82	} else {
83	$_GET[$key] = $value;
84	$phpThumb->DebugMessage('PATH_INFO."'.$key.'" = "'.$value.'"', __FILE__, __LINE__);
85	}
86	}
87	}
88
89	if (@$PHPTHUMB_CONFIG['high_security_enabled']) {
90	if (!@$_GET['hash']) {
91	$phpThumb->ErrorImage('ERROR: missing hash');
92	} elseif (strlen($PHPTHUMB_CONFIG['high_security_password']) < 5) {
93	$phpThumb->ErrorImage('ERROR: strlen($PHPTHUMB_CONFIG[high_security_password]) < 5');
94	} elseif ($_GET['hash'] != md5(str_replace('&hash='.$_GET['hash'], '', $_SERVER['QUERY_STRING']).$PHPTHUMB_CONFIG['high_security_password'])) {
95	$phpThumb->ErrorImage('ERROR: invalid hash');
96	}
97	}
98
99	////////////////////////////////////////////////////////////////
100	// Debug output, to try and help me diagnose problems
101	$phpThumb->DebugTimingMessage('phpThumbDebug[0]', __FILE__, __LINE__);
102	if (@$_GET['phpThumbDebug'] == '0') {
103	$phpThumb->phpThumbDebug();
104	}
105	////////////////////////////////////////////////////////////////
106
107	// returned the fixed string if the evil "magic_quotes_gpc" setting is on
108	if (get_magic_quotes_gpc()) {
109	$RequestVarsToStripSlashes = array('src', 'wmf', 'file', 'err', 'goto', 'down');
110	foreach ($RequestVarsToStripSlashes as $key) {
111	if (isset($_GET[$key])) {
112	$_GET[$key] = stripslashes($_GET[$key]);
113	}
114	}
115	}
116
117	if (!@$_SERVER['PATH_INFO'] && !@$_SERVER['QUERY_STRING']) {
118	$phpThumb->ErrorImage('phpThumb() v'.$phpThumb->phpthumb_version.'<br><a href="http://phpthumb.sourceforge.net">http://phpthumb.sourceforge.net</a><br><br>ERROR: no parameters specified');
119	}
120
121	if (@$_GET['src'] && isset($_GET['md5s']) && empty($_GET['md5s'])) {
122	if (eregi('^(f\|ht)tps?://', $_GET['src'])) {
123	if ($rawImageData = phpthumb_functions::SafeURLread($_GET['src'], $error, $phpThumb->config_http_fopen_timeout, $phpThumb->config_http_follow_redirect)) {
124	$md5s = md5($rawImageData);
125	}
126	} else {
127	$SourceFilename = $phpThumb->ResolveFilenameToAbsolute($_GET['src']);
128	if (is_readable($SourceFilename)) {
129	$md5s = phpthumb_functions::md5_file_safe($SourceFilename);
130	} else {
131	$phpThumb->ErrorImage('ERROR: "'.$SourceFilename.'" cannot be read');
132	}
133	}
134	if (@$_SERVER['HTTP_REFERER']) {
135	$phpThumb->ErrorImage('&md5s='.$md5s);
136	} else {
137	die('&md5s='.$md5s);
138	}
139	}
140
141	if (!empty($PHPTHUMB_CONFIG)) {
142	foreach ($PHPTHUMB_CONFIG as $key => $value) {
143	$keyname = 'config_'.$key;
144	$phpThumb->setParameter($keyname, $value);
145	if (!eregi('password', $key)) {
146	$phpThumb->DebugMessage('setParameter('.$keyname.', '.$phpThumb->phpThumbDebugVarDump($value).')', __FILE__, __LINE__);
147	}
148	}
149	} else {
150	$phpThumb->DebugMessage('$PHPTHUMB_CONFIG is empty', __FILE__, __LINE__);
151	}
152
153	if (@$_GET['src'] && !@$PHPTHUMB_CONFIG['allow_local_http_src'] && eregi('^http://'.@$_SERVER['HTTP_HOST'].'(.+)', @$_GET['src'], $matches)) {
154	$phpThumb->ErrorImage('It is MUCH better to specify the "src" parameter as "'.$matches[1].'" instead of "'.$matches[0].'".'."\n\n".'If you really must do it this way, enable "allow_local_http_src" in phpThumb.config.php');
155	}
156
157	////////////////////////////////////////////////////////////////
158	// Debug output, to try and help me diagnose problems
159	$phpThumb->DebugTimingMessage('phpThumbDebug[1]', __FILE__, __LINE__);
160	if (@$_GET['phpThumbDebug'] == '1') {
161	$phpThumb->phpThumbDebug();
162	}
163	////////////////////////////////////////////////////////////////
164
165	$parsed_url_referer = parse_url(@$_SERVER['HTTP_REFERER']);
166	if ($phpThumb->config_nooffsitelink_require_refer && !in_array(@$parsed_url_referer['host'], $phpThumb->config_nohotlink_valid_domains)) {
167	$phpThumb->ErrorImage('config_nooffsitelink_require_refer enabled and '.(@$parsed_url_referer['host'] ? '"'.$parsed_url_referer['host'].'" is not an allowed referer' : 'no HTTP_REFERER exists'));
168	}
169	$parsed_url_src = parse_url(@$_GET['src']);
170	if ($phpThumb->config_nohotlink_enabled && $phpThumb->config_nohotlink_erase_image && eregi('^(f\|ht)tps?://', @$_GET['src']) && !in_array(@$parsed_url_src['host'], $phpThumb->config_nohotlink_valid_domains)) {
171	$phpThumb->ErrorImage($phpThumb->config_nohotlink_text_message);
172	}
173
174	if ($phpThumb->config_mysql_query) {
175	if ($cid = @mysql_connect($phpThumb->config_mysql_hostname, $phpThumb->config_mysql_username, $phpThumb->config_mysql_password)) {
176	if (@mysql_select_db($phpThumb->config_mysql_database, $cid)) {
177	if ($result = @mysql_query($phpThumb->config_mysql_query, $cid)) {
178	if ($row = @mysql_fetch_array($result)) {
179
180	mysql_free_result($result);
181	mysql_close($cid);
182	$phpThumb->setSourceData($row[0]);
183	unset($row);
184
185	} else {
186	mysql_free_result($result);
187	mysql_close($cid);
188	$phpThumb->ErrorImage('no matching data in database.');
189	}
190	} else {
191	mysql_close($cid);
192	$phpThumb->ErrorImage('Error in MySQL query: "'.mysql_error($cid).'"');
193	}
194	} else {
195	mysql_close($cid);
196	$phpThumb->ErrorImage('cannot select MySQL database: "'.mysql_error($cid).'"');
197	}
198	} else {
199	$phpThumb->ErrorImage('cannot connect to MySQL server');
200	}
201	unset($_GET['id']);
202	}
203
204	////////////////////////////////////////////////////////////////
205	// Debug output, to try and help me diagnose problems
206	$phpThumb->DebugTimingMessage('phpThumbDebug[2]', __FILE__, __LINE__);
207	if (@$_GET['phpThumbDebug'] == '2') {
208	$phpThumb->phpThumbDebug();
209	}
210	////////////////////////////////////////////////////////////////
211
212	if (@$PHPTHUMB_CONFIG['cache_default_only_suffix'] && (strpos($PHPTHUMB_CONFIG['cache_default_only_suffix'], '*') !== false)) {
213	$PHPTHUMB_DEFAULTS_DISABLEGETPARAMS = true;
214	}
215	// deprecated: 'err', 'file', 'goto',
216	$allowedGETparameters = array('src', 'new', 'w', 'h', 'wp', 'hp', 'wl', 'hl', 'ws', 'hs', 'f', 'q', 'sx', 'sy', 'sw', 'sh', 'zc', 'bc', 'bg', 'bgt', 'fltr', 'xto', 'ra', 'ar', 'aoe', 'far', 'iar', 'maxb', 'down', 'phpThumbDebug', 'hash', 'md5s', 'sfn', 'dpi', 'sia');
217	if (!empty($PHPTHUMB_DEFAULTS) && is_array($PHPTHUMB_DEFAULTS)) {
218	$phpThumb->DebugMessage('setting $PHPTHUMB_DEFAULTS['.implode(';', array_keys($PHPTHUMB_DEFAULTS)).']', __FILE__, __LINE__);
219	foreach ($PHPTHUMB_DEFAULTS as $key => $value) {
220	if ($PHPTHUMB_DEFAULTS_GETSTRINGOVERRIDE \|\| !isset($_GET[$key])) {
221	$_GET[$key] = $value;
222	$phpThumb->DebugMessage('PHPTHUMB_DEFAULTS assigning ('.$value.') to $_GET['.$key.']', __FILE__, __LINE__);
223	//$phpThumb->DebugMessage('PHPTHUMB_DEFAULTS.setParameter('.$key.', '.$phpThumb->phpThumbDebugVarDump($value).')', __FILE__, __LINE__);
224	//$phpThumb->setParameter($key, $value);
225	}
226	}
227	}
228	foreach ($_GET as $key => $value) {
229	if (@$PHPTHUMB_DEFAULTS_DISABLEGETPARAMS && ($key != 'src')) {
230	// disabled, do not set parameter
231	$phpThumb->DebugMessage('ignoring $_GET['.$key.'] because of $PHPTHUMB_DEFAULTS_DISABLEGETPARAMS', __FILE__, __LINE__);
232	} elseif (in_array($key, $allowedGETparameters)) {
233	$phpThumb->DebugMessage('setParameter('.$key.', '.$phpThumb->phpThumbDebugVarDump($value).')', __FILE__, __LINE__);
234	$phpThumb->setParameter($key, $value);
235	} else {
236	$phpThumb->ErrorImage('Forbidden parameter: '.$key);
237	}
238	}
239
240	////////////////////////////////////////////////////////////////
241	// Debug output, to try and help me diagnose problems
242	$phpThumb->DebugTimingMessage('phpThumbDebug[3]', __FILE__, __LINE__);
243	if (@$_GET['phpThumbDebug'] == '3') {
244	$phpThumb->phpThumbDebug();
245	}
246	////////////////////////////////////////////////////////////////
247
248	//if (!@$_GET['phpThumbDebug'] && !$phpThumb->sourceFilename && !function_exists('ImageJPEG') && !function_exists('ImagePNG') && !function_exists('ImageGIF')) {
249	if (!@$_GET['phpThumbDebug'] && !is_file($phpThumb->sourceFilename) && !phpthumb_functions::gd_version()) {
250	if (!headers_sent()) {
251	// base64-encoded error image in GIF format
252	$ERROR_NOGD = 'R0lGODlhIAAgALMAAAAAABQUFCQkJDY2NkZGRldXV2ZmZnJycoaGhpSUlKWlpbe3t8XFxdXV1eTk5P7+/iwAAAAAIAAgAAAE/vDJSau9WILtTAACUinDNijZtAHfCojS4W5H+qxD8xibIDE9h0OwWaRWDIljJSkUJYsN4bihMB8th3IToAKs1VtYM75cyV8sZ8vygtOE5yMKmGbO4jRdICQCjHdlZzwzNW4qZSQmKDaNjhUMBX4BBAlmMywFSRWEmAI6b5gAlhNxokGhooAIK5o/pi9vEw4Lfj4OLTAUpj6IabMtCwlSFw0DCKBoFqwAB04AjI54PyZ+yY3TD0ss2YcVmN/gvpcu4TOyFivWqYJlbAHPpOntvxNAACcmGHjZzAZqzSzcq5fNjxFmAFw9iFRunD1epU6tsIPmFCAJnWYE0FURk7wJDA0MTKpEzoWAAskiAAA7';
253	header('Content-Type: image/gif');
254	echo base64_decode($ERROR_NOGD);
255	} else {
256	echo '* ERROR: No PHP-GD support available *';
257	}
258	exit;
259	}
260
261	// check to see if file can be output from source with no processing or caching
262	$CanPassThroughDirectly = true;
263	if ($phpThumb->rawImageData) {
264	// data from SQL, should be fine
265	} elseif (eregi('^(f\|ht)tp\://', $phpThumb->src)) {
266	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because eregi("^(f\|ht)tp\://", '.$phpThumb->src.')', __FILE__, __LINE__);
267	$CanPassThroughDirectly = false;
268	} elseif (!@is_file($phpThumb->sourceFilename)) {
269	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because !@is_file('.$phpThumb->sourceFilename.')', __FILE__, __LINE__);
270	$CanPassThroughDirectly = false;
271	} elseif (!@is_readable($phpThumb->sourceFilename)) {
272	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because !@is_readable('.$phpThumb->sourceFilename.')', __FILE__, __LINE__);
273	$CanPassThroughDirectly = false;
274	}
275	foreach ($_GET as $key => $value) {
276	switch ($key) {
277	case 'src':
278	// allowed
279	break;
280
281	case 'w':
282	case 'h':
283	// might be OK if exactly matches original
284	break;
285
286	case 'phpThumbDebug':
287	// handled in direct-passthru code
288	break;
289
290	default:
291	// all other parameters will cause some processing,
292	// therefore cannot pass through original image unmodified
293	$CanPassThroughDirectly = false;
294	$UnAllowedGET[] = $key;
295	break;
296	}
297	}
298	if (!empty($UnAllowedGET)) {
299	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because $_GET['.implode(';', array_unique($UnAllowedGET)).'] are set', __FILE__, __LINE__);
300	}
301
302	////////////////////////////////////////////////////////////////
303	// Debug output, to try and help me diagnose problems
304	$phpThumb->DebugTimingMessage('phpThumbDebug[4]', __FILE__, __LINE__);
305	if (@$_GET['phpThumbDebug'] == '4') {
306	$phpThumb->phpThumbDebug();
307	}
308	////////////////////////////////////////////////////////////////
309
310	function SendSaveAsFileHeaderIfNeeded() {
311	if (headers_sent()) {
312	return false;
313	}
314	global $phpThumb;
315	$downloadfilename = phpthumb_functions::SanitizeFilename(@$_GET['sia'] ? $_GET['sia'] : (@$_GET['down'] ? $_GET['down'] : 'phpThumb_generated_thumbnail'.(@$_GET['f'] ? $_GET['f'] : 'jpg')));
316	if (@$downloadfilename) {
317	$phpThumb->DebugMessage('SendSaveAsFileHeaderIfNeeded() sending header: Content-Disposition: '.(@$_GET['down'] ? 'attachment' : 'inline').'; filename="'.$downloadfilename.'"', __FILE__, __LINE__);
318	header('Content-Disposition: '.(@$_GET['down'] ? 'attachment' : 'inline').'; filename="'.$downloadfilename.'"');
319	}
320	return true;
321	}
322
323	$phpThumb->DebugMessage('$CanPassThroughDirectly="'.intval($CanPassThroughDirectly).'" && $phpThumb->src="'.$phpThumb->src.'"', __FILE__, __LINE__);
324	while ($CanPassThroughDirectly && $phpThumb->src) {
325	// no parameters set, passthru
326	$SourceFilename = $phpThumb->ResolveFilenameToAbsolute($phpThumb->src);
327
328	// security and size checks
329	if ($phpThumb->getimagesizeinfo = @GetImageSize($SourceFilename)) {
330	$phpThumb->DebugMessage('Direct passthru GetImageSize() returned [w='.$phpThumb->getimagesizeinfo[0].';h='.$phpThumb->getimagesizeinfo[1].';t='.$phpThumb->getimagesizeinfo[2].']', __FILE__, __LINE__);
331
332	if (!@$_GET['w'] && !@$_GET['wp'] && !@$_GET['wl'] && !@$_GET['ws'] && !@$_GET['h'] && !@$_GET['hp'] && !@$_GET['hl'] && !@$_GET['hs']) {
333	// no resizing needed
334	$phpThumb->DebugMessage('Passing "'.$SourceFilename.'" through directly, no resizing required ("'.$phpThumb->getimagesizeinfo[0].'"x"'.$phpThumb->getimagesizeinfo[1].'")', __FILE__, __LINE__);
335	} elseif (($phpThumb->getimagesizeinfo[0] <= @$_GET['w']) && ($phpThumb->getimagesizeinfo[1] <= @$_GET['h']) && ((@$_GET['w'] == $phpThumb->getimagesizeinfo[0]) \|\| (@$_GET['h'] == $phpThumb->getimagesizeinfo[1]))) {
336	// image fits into 'w'x'h' box, and at least one dimension matches exactly, therefore no resizing needed
337	$phpThumb->DebugMessage('Passing "'.$SourceFilename.'" through directly, no resizing required ("'.$phpThumb->getimagesizeinfo[0].'"x"'.$phpThumb->getimagesizeinfo[1].'" fits inside "'.@$_GET['w'].'"x"'.@$_GET['h'].'")', __FILE__, __LINE__);
338	} else {
339	$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because resizing required (from "'.$phpThumb->getimagesizeinfo[0].'"x"'.$phpThumb->getimagesizeinfo[1].'" to "'.@$_GET['w'].'"x"'.@$_GET['h'].'")', __FILE__, __LINE__);
340	break;
341	}
342	switch ($phpThumb->getimagesizeinfo[2]) {
343	case 1: // GIF
344	case 2: // JPG
345	case 3: // PNG
346	// great, let it through
347	break;
348	default:
349	// browser probably can't handle format, remangle it to JPEG/PNG/GIF
350	$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because $phpThumb->getimagesizeinfo[2] = "'.$phpThumb->getimagesizeinfo[2].'"', __FILE__, __LINE__);
351	break 2;
352	}
353
354	$ImageCreateFunctions = array(1=>'ImageCreateFromGIF', 2=>'ImageCreateFromJPEG', 3=>'ImageCreateFromPNG');
355	$theImageCreateFunction = @$ImageCreateFunctions[$phpThumb->getimagesizeinfo[2]];
356	if ($phpThumb->config_disable_onlycreateable_passthru \|\| (function_exists($theImageCreateFunction) && ($dummyImage = @$theImageCreateFunction($SourceFilename)))) {
357
358	// great
359	if (@is_resource($dummyImage)) {
360	unset($dummyImage);
361	}
362
363	if (headers_sent()) {
364	$phpThumb->ErrorImage('Headers already sent ('.basename(__FILE__).' line '.__LINE__.')');
365	exit;
366	}
367	if (@$_GET['phpThumbDebug']) {
368	$phpThumb->DebugTimingMessage('skipped direct $SourceFilename passthru', __FILE__, __LINE__);
369	$phpThumb->DebugMessage('Would have passed "'.$SourceFilename.'" through directly, but skipping due to phpThumbDebug', __FILE__, __LINE__);
370	break;
371	}
372
373	SendSaveAsFileHeaderIfNeeded();
374	header('Last-Modified: '.gmdate('D, d M Y H:i:s', @filemtime($SourceFilename)).' GMT');
375	if ($contentType = phpthumb_functions::ImageTypeToMIMEtype(@$phpThumb->getimagesizeinfo[2])) {
376	header('Content-Type: '.$contentType);
377	}
378	@readfile($SourceFilename);
379	exit;
380
381	} else {
382	$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because ($phpThumb->config_disable_onlycreateable_passthru = "'.$phpThumb->config_disable_onlycreateable_passthru.'") and '.$theImageCreateFunction.'() failed', __FILE__, __LINE__);
383	break;
384	}
385
386	} else {
387	$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because GetImageSize() failed', __FILE__, __LINE__);
388	break;
389	}
390	break;
391	}
392
393	////////////////////////////////////////////////////////////////
394	// Debug output, to try and help me diagnose problems
395	$phpThumb->DebugTimingMessage('phpThumbDebug[5]', __FILE__, __LINE__);
396	if (@$_GET['phpThumbDebug'] == '5') {
397	$phpThumb->phpThumbDebug();
398	}
399	////////////////////////////////////////////////////////////////
400
401	function RedirectToCachedFile() {
402	global $phpThumb, $PHPTHUMB_CONFIG;
403
404	$nice_cachefile = str_replace(DIRECTORY_SEPARATOR, '/', $phpThumb->cache_filename);
405	$nice_docroot = str_replace(DIRECTORY_SEPARATOR, '/', rtrim($PHPTHUMB_CONFIG['document_root'], '/\\'));
406
407	$parsed_url = @parse_url(@$_SERVER['HTTP_REFERER']);
408
409	$nModified = filemtime($phpThumb->cache_filename);
410
411	if ($phpThumb->config_nooffsitelink_enabled && @$_SERVER['HTTP_REFERER'] && !in_array(@$parsed_url['host'], $phpThumb->config_nooffsitelink_valid_domains)) {
412
413	$phpThumb->DebugMessage('Would have used cached (image/'.$phpThumb->thumbnailFormat.') file "'.$phpThumb->cache_filename.'" (Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT), but skipping because $_SERVER[HTTP_REFERER] ('.@$_SERVER['HTTP_REFERER'].') is not in $phpThumb->config_nooffsitelink_valid_domains ('.implode(';', $phpThumb->config_nooffsitelink_valid_domains).')', __FILE__, __LINE__);
414
415	} elseif ($phpThumb->phpThumbDebug) {
416
417	$phpThumb->DebugTimingMessage('skipped using cached image', __FILE__, __LINE__);
418	$phpThumb->DebugMessage('Would have used cached file, but skipping due to phpThumbDebug', __FILE__, __LINE__);
419	$phpThumb->DebugMessage('* Would have sent headers (1): Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT', __FILE__, __LINE__);
420	if ($getimagesize = @GetImageSize($phpThumb->cache_filename)) {
421	$phpThumb->DebugMessage('* Would have sent headers (2): Content-Type: '.phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]), __FILE__, __LINE__);
422	}
423	if (ereg('^'.preg_quote($nice_docroot).'(.*)$', $nice_cachefile, $matches)) {
424	$phpThumb->DebugMessage('* Would have sent headers (3): Location: '.dirname($matches[1]).'/'.urlencode(basename($matches[1])), __FILE__, __LINE__);
425	} else {
426	$phpThumb->DebugMessage('* Would have sent data: readfile('.$phpThumb->cache_filename.')', __FILE__, __LINE__);
427	}
428
429	} else {
430
431	if (headers_sent()) {
432	$phpThumb->ErrorImage('Headers already sent ('.basename(__FILE__).' line '.__LINE__.')');
433	exit;
434	}
435	SendSaveAsFileHeaderIfNeeded();
436
437	header('Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT');
438	if (@$_SERVER['HTTP_IF_MODIFIED_SINCE'] && ($nModified == strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) && @$_SERVER['SERVER_PROTOCOL']) {
439	header($_SERVER['SERVER_PROTOCOL'].' 304 Not Modified');
440	exit;
441	}
442
443	if ($getimagesize = @GetImageSize($phpThumb->cache_filename)) {
444	header('Content-Type: '.phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]));
445	} elseif (eregi('\.ico$', $phpThumb->cache_filename)) {
446	header('Content-Type: image/x-icon');
447	}
448	if (!@$PHPTHUMB_CONFIG['cache_force_passthru'] && ereg('^'.preg_quote($nice_docroot).'(.*)$', $nice_cachefile, $matches)) {
449	header('Location: '.dirname($matches[1]).'/'.urlencode(basename($matches[1])));
450	} else {
451	@readfile($phpThumb->cache_filename);
452	}
453	exit;
454
455	}
456	return true;
457	}
458
459	// check to see if file already exists in cache, and output it with no processing if it does
460	$phpThumb->SetCacheFilename();
461	if (@is_file($phpThumb->cache_filename)) {
462	RedirectToCachedFile();
463	} else {
464	$phpThumb->DebugMessage('Cached file "'.$phpThumb->cache_filename.'" does not exist, processing as normal', __FILE__, __LINE__);
465	}
466
467	////////////////////////////////////////////////////////////////
468	// Debug output, to try and help me diagnose problems
469	$phpThumb->DebugTimingMessage('phpThumbDebug[6]', __FILE__, __LINE__);
470	if (@$_GET['phpThumbDebug'] == '6') {
471	$phpThumb->phpThumbDebug();
472	}
473	////////////////////////////////////////////////////////////////
474
475	if ($phpThumb->rawImageData) {
476
477	// great
478
479	} elseif (@$_GET['new']) {
480
481	// generate a blank image resource of the specified size/background color/opacity
482	if (($phpThumb->w <= 0) \|\| ($phpThumb->h <= 0)) {
483	$phpThumb->ErrorImage('"w" and "h" parameters required for "new"');
484	}
485	@list($bghexcolor, $opacity) = explode('\|', $_GET['new']);
486	if (!phpthumb_functions::IsHexColor($bghexcolor)) {
487	$phpThumb->ErrorImage('BGcolor parameter for "new" is not valid');
488	}
489	$opacity = (strlen($opacity) ? $opacity : 100);
490	if ($phpThumb->gdimg_source = phpthumb_functions::ImageCreateFunction($phpThumb->w, $phpThumb->h)) {
491	$alpha = (100 - min(100, max(0, $opacity))) * 1.27;
492	if ($alpha) {
493	$phpThumb->setParameter('is_alpha', true);
494	ImageAlphaBlending($phpThumb->gdimg_source, false);
495	ImageSaveAlpha($phpThumb->gdimg_source, true);
496	}
497	$new_background_color = phpthumb_functions::ImageHexColorAllocate($phpThumb->gdimg_source, $bghexcolor, false, $alpha);
498	ImageFilledRectangle($phpThumb->gdimg_source, 0, 0, $phpThumb->w, $phpThumb->h, $new_background_color);
499	} else {
500	$phpThumb->ErrorImage('failed to create "new" image ('.$phpThumb->w.'x'.$phpThumb->h.')');
501	}
502
503	} elseif (!$phpThumb->src) {
504
505	$phpThumb->ErrorImage('Usage: '.$_SERVER['PHP_SELF'].'?src=/path/and/filename.jpg'."\n".'read Usage comments for details');
506
507	} elseif (eregi('^(f\|ht)tp\://', $phpThumb->src)) {
508
509	if ($phpThumb->config_http_user_agent) {
510	ini_set('user_agent', $phpThumb->config_http_user_agent);
511	}
512
513	if ($rawImageData = phpthumb_functions::SafeURLread(phpthumb_functions::CleanUpURLencoding($phpThumb->src), $error, $phpThumb->config_http_fopen_timeout, $phpThumb->config_http_follow_redirect)) {
514	$phpThumb->setSourceData($rawImageData, urlencode($phpThumb->src));
515	} else {
516	$phpThumb->ErrorImage($error);
517	}
518	}
519
520	////////////////////////////////////////////////////////////////
521	// Debug output, to try and help me diagnose problems
522	$phpThumb->DebugTimingMessage('phpThumbDebug[7]', __FILE__, __LINE__);
523	if (@$_GET['phpThumbDebug'] == '7') {
524	$phpThumb->phpThumbDebug();
525	}
526	////////////////////////////////////////////////////////////////
527
528	$phpThumb->GenerateThumbnail();
529
530	////////////////////////////////////////////////////////////////
531	// Debug output, to try and help me diagnose problems
532	$phpThumb->DebugTimingMessage('phpThumbDebug[8]', __FILE__, __LINE__);
533	if (@$_GET['phpThumbDebug'] == '8') {
534	$phpThumb->phpThumbDebug();
535	}
536	////////////////////////////////////////////////////////////////
537
538	if ($phpThumb->config_allow_parameter_file && $phpThumb->file) {
539
540	$phpThumb->RenderToFile($phpThumb->ResolveFilenameToAbsolute($phpThumb->file));
541	if ($phpThumb->config_allow_parameter_goto && $phpThumb->goto && eregi('^(f\|ht)tps?://', $phpThumb->goto)) {
542	// redirect to another URL after image has been rendered to file
543	header('Location: '.$phpThumb->goto);
544	exit;
545	}
546
547	} elseif (@$PHPTHUMB_CONFIG['high_security_enabled'] && @$_GET['nocache']) {
548
549	// cache disabled, don't write cachefile
550
551	} else {
552
553	phpthumb_functions::EnsureDirectoryExists(dirname($phpThumb->cache_filename));
554	if ((file_exists($phpThumb->cache_filename) && is_writable($phpThumb->cache_filename)) \|\| is_writable(dirname($phpThumb->cache_filename))) {
555
556	$phpThumb->CleanUpCacheDirectory();
557	if ($phpThumb->RenderToFile($phpThumb->cache_filename) && is_readable($phpThumb->cache_filename)) {
558	chmod($phpThumb->cache_filename, 0644);
559	RedirectToCachedFile();
560	} else {
561	$phpThumb->DebugMessage('Failed: RenderToFile('.$phpThumb->cache_filename.')', __FILE__, __LINE__);
562	}
563
564	} else {
565
566	$phpThumb->DebugMessage('Cannot write to $phpThumb->cache_filename ('.$phpThumb->cache_filename.') because that directory ('.dirname($phpThumb->cache_filename).') is not writable', __FILE__, __LINE__);
567
568	}
569
570	}
571
572	////////////////////////////////////////////////////////////////
573	// Debug output, to try and help me diagnose problems
574	$phpThumb->DebugTimingMessage('phpThumbDebug[9]', __FILE__, __LINE__);
575	if (@$_GET['phpThumbDebug'] == '9') {
576	$phpThumb->phpThumbDebug();
577	}
578	////////////////////////////////////////////////////////////////
579
580	if (!$phpThumb->OutputThumbnail()) {
581	$phpThumb->ErrorImage('Error in OutputThumbnail():'."\n".$phpThumb->debugmessages[(count($phpThumb->debugmessages) - 1)]);
582	}
583
584	////////////////////////////////////////////////////////////////
585	// Debug output, to try and help me diagnose problems
586	$phpThumb->DebugTimingMessage('phpThumbDebug[10]', __FILE__, __LINE__);
587	if (@$_GET['phpThumbDebug'] == '10') {
588	$phpThumb->phpThumbDebug();
589	}
590	////////////////////////////////////////////////////////////////
591
592	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/afridex/plugins/Flutter/phpThumb.php @ 21

Download in other formats: