enmi-conf.org: wp/wp-content/themes/IN-MOTION-package-u1/in-motion/scripts/timthumb.php@d970ebf37754 (annotated)

0 d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	2	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	3	* TimThumb by Ben Gillbanks and Mark Maunder
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	4	* Based on work done by Tim McDaniels and Darren Hoyt
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	5	* http://code.google.com/p/timthumb/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	6	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	7	* GNU General Public License, version 2
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	8	* http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	9	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	10	* Examples and documentation available on the project homepage
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	11	* http://www.binarymoon.co.uk/projects/timthumb/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	12	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	13	* $Rev$
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	14	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	15
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	16	/*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	17	* --- TimThumb CONFIGURATION ---
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	18	* To edit the configs it is best to create a file called timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	19	* and define variables you want to customize in there. It will automatically be
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	20	* loaded by timthumb. This will save you having to re-edit these variables
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	21	* everytime you download a new version
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	22	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	23	define ('VERSION', '2.8.13'); // Version of this script
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	24	//Load a config file if it exists. Otherwise, use the values below
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	25	if( file_exists(dirname(__FILE__) . '/timthumb-config.php')) require_once('timthumb-config.php');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	26	if(! defined('DEBUG_ON') ) define ('DEBUG_ON', false); // Enable debug logging to web server error log (STDERR)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	27	if(! defined('DEBUG_LEVEL') ) define ('DEBUG_LEVEL', 1); // Debug level 1 is less noisy and 3 is the most noisy
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	28	if(! defined('MEMORY_LIMIT') ) define ('MEMORY_LIMIT', '30M'); // Set PHP memory limit
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	29	if(! defined('BLOCK_EXTERNAL_LEECHERS') ) define ('BLOCK_EXTERNAL_LEECHERS', false); // If the image or webshot is being loaded on an external site, display a red "No Hotlinking" gif.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	30	if(! defined('DISPLAY_ERROR_MESSAGES') ) define ('DISPLAY_ERROR_MESSAGES', true); // Display error messages. Set to false to turn off errors (good for production websites)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	31	//Image fetching and caching
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	32	if(! defined('ALLOW_EXTERNAL') ) define ('ALLOW_EXTERNAL', TRUE); // Allow image fetching from external websites. Will check against ALLOWED_SITES if ALLOW_ALL_EXTERNAL_SITES is false
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	33	if(! defined('ALLOW_ALL_EXTERNAL_SITES') ) define ('ALLOW_ALL_EXTERNAL_SITES', false); // Less secure.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	34	if(! defined('FILE_CACHE_ENABLED') ) define ('FILE_CACHE_ENABLED', TRUE); // Should we store resized/modified images on disk to speed things up?
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	35	if(! defined('FILE_CACHE_TIME_BETWEEN_CLEANS')) define ('FILE_CACHE_TIME_BETWEEN_CLEANS', 86400); // How often the cache is cleaned
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	36
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	37	if(! defined('FILE_CACHE_MAX_FILE_AGE') ) define ('FILE_CACHE_MAX_FILE_AGE', 86400); // How old does a file have to be to be deleted from the cache
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	38	if(! defined('FILE_CACHE_SUFFIX') ) define ('FILE_CACHE_SUFFIX', '.timthumb.txt'); // What to put at the end of all files in the cache directory so we can identify them
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	39	if(! defined('FILE_CACHE_PREFIX') ) define ('FILE_CACHE_PREFIX', 'timthumb'); // What to put at the beg of all files in the cache directory so we can identify them
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	40	if(! defined('FILE_CACHE_DIRECTORY') ) define ('FILE_CACHE_DIRECTORY', './cache'); // Directory where images are cached. Left blank it will use the system temporary directory (which is better for security)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	41	if(! defined('MAX_FILE_SIZE') ) define ('MAX_FILE_SIZE', 10485760); // 10 Megs is 10485760. This is the max internal or external file size that we'll process.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	42	if(! defined('CURL_TIMEOUT') ) define ('CURL_TIMEOUT', 20); // Timeout duration for Curl. This only applies if you have Curl installed and aren't using PHP's default URL fetching mechanism.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	43	if(! defined('WAIT_BETWEEN_FETCH_ERRORS') ) define ('WAIT_BETWEEN_FETCH_ERRORS', 3600); // Time to wait between errors fetching remote file
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	44
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	45	//Browser caching
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	46	if(! defined('BROWSER_CACHE_MAX_AGE') ) define ('BROWSER_CACHE_MAX_AGE', 864000); // Time to cache in the browser
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	47	if(! defined('BROWSER_CACHE_DISABLE') ) define ('BROWSER_CACHE_DISABLE', false); // Use for testing if you want to disable all browser caching
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	48
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	49	//Image size and defaults
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	50	if(! defined('MAX_WIDTH') ) define ('MAX_WIDTH', 1500); // Maximum image width
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	51	if(! defined('MAX_HEIGHT') ) define ('MAX_HEIGHT', 1500); // Maximum image height
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	52	if(! defined('NOT_FOUND_IMAGE') ) define ('NOT_FOUND_IMAGE', ''); // Image to serve if any 404 occurs
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	53	if(! defined('ERROR_IMAGE') ) define ('ERROR_IMAGE', ''); // Image to serve if an error occurs instead of showing error message
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	54	if(! defined('PNG_IS_TRANSPARENT') ) define ('PNG_IS_TRANSPARENT', FALSE); // Define if a png image should have a transparent background color. Use False value if you want to display a custom coloured canvas_colour
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	55	if(! defined('DEFAULT_Q') ) define ('DEFAULT_Q', 90); // Default image quality. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	56	if(! defined('DEFAULT_ZC') ) define ('DEFAULT_ZC', 1); // Default zoom/crop setting. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	57	if(! defined('DEFAULT_F') ) define ('DEFAULT_F', ''); // Default image filters. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	58	if(! defined('DEFAULT_S') ) define ('DEFAULT_S', 0); // Default sharpen value. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	59	if(! defined('DEFAULT_CC') ) define ('DEFAULT_CC', 'ffffff'); // Default canvas colour. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	60	if(! defined('DEFAULT_WIDTH') ) define ('DEFAULT_WIDTH', 100); // Default thumbnail width. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	61	if(! defined('DEFAULT_HEIGHT') ) define ('DEFAULT_HEIGHT', 100); // Default thumbnail height. Allows overrid in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	62
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	63	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	64	* Additional Parameters:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	65	* LOCAL_FILE_BASE_DIRECTORY = Override the DOCUMENT_ROOT. This is best used in timthumb-config.php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	66	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	67
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	68	//Image compression is enabled if either of these point to valid paths
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	69
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	70	//These are now disabled by default because the file sizes of PNGs (and GIFs) are much smaller than we used to generate.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	71	//They only work for PNGs. GIFs and JPEGs are not affected.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	72	if(! defined('OPTIPNG_ENABLED') ) define ('OPTIPNG_ENABLED', false);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	73	if(! defined('OPTIPNG_PATH') ) define ('OPTIPNG_PATH', '/usr/bin/optipng'); //This will run first because it gives better compression than pngcrush.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	74	if(! defined('PNGCRUSH_ENABLED') ) define ('PNGCRUSH_ENABLED', false);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	75	if(! defined('PNGCRUSH_PATH') ) define ('PNGCRUSH_PATH', '/usr/bin/pngcrush'); //This will only run if OPTIPNG_PATH is not set or is not valid
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	76
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	77	/*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	78	-------====Website Screenshots configuration - BETA====-------
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	79
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	80	If you just want image thumbnails and don't want website screenshots, you can safely leave this as is.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	81
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	82	If you would like to get website screenshots set up, you will need root access to your own server.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	83
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	84	Enable ALLOW_ALL_EXTERNAL_SITES so you can fetch any external web page. This is more secure now that we're using a non-web folder for cache.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	85	Enable BLOCK_EXTERNAL_LEECHERS so that your site doesn't generate thumbnails for the whole Internet.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	86
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	87	Instructions to get website screenshots enabled on Ubuntu Linux:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	88
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	89	1. Install Xvfb with the following command: sudo apt-get install subversion libqt4-webkit libqt4-dev g++ xvfb
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	90	2. Go to a directory where you can download some code
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	91	3. Check-out the latest version of CutyCapt with the following command: svn co https://cutycapt.svn.sourceforge.net/svnroot/cutycapt
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	92	4. Compile CutyCapt by doing: cd cutycapt/CutyCapt
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	93	5. qmake
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	94	6. make
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	95	7. cp CutyCapt /usr/local/bin/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	96	8. Test it by running: xvfb-run --server-args="-screen 0, 1024x768x24" CutyCapt --url="http://markmaunder.com/" --out=test.png
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	97	9. If you get a file called test.png with something in it, it probably worked. Now test the script by accessing it as follows:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	98	10. http://yoursite.com/path/to/timthumb.php?src=http://markmaunder.com/&webshot=1
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	99
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	100	Notes on performance:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	101	The first time a webshot loads, it will take a few seconds.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	102	From then on it uses the regular timthumb caching mechanism with the configurable options above
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	103	and loading will be very fast.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	104
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	105	--ADVANCED USERS ONLY--
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	106	If you'd like a slight speedup (about 25%) and you know Linux, you can run the following command which will keep Xvfb running in the background.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	107	nohup Xvfb :100 -ac -nolisten tcp -screen 0, 1024x768x24 > /dev/null 2>&1 &
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	108	Then set WEBSHOT_XVFB_RUNNING = true below. This will save your server having to fire off a new Xvfb server and shut it down every time a new shot is generated.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	109	You will need to take responsibility for keeping Xvfb running in case it crashes. (It seems pretty stable)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	110	You will also need to take responsibility for server security if you're running Xvfb as root.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	111
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	112
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	113	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	114	if(! defined('WEBSHOT_ENABLED') ) define ('WEBSHOT_ENABLED', false); //Beta feature. Adding webshot=1 to your query string will cause the script to return a browser screenshot rather than try to fetch an image.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	115	if(! defined('WEBSHOT_CUTYCAPT') ) define ('WEBSHOT_CUTYCAPT', '/usr/local/bin/CutyCapt'); //The path to CutyCapt.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	116	if(! defined('WEBSHOT_XVFB') ) define ('WEBSHOT_XVFB', '/usr/bin/xvfb-run'); //The path to the Xvfb server
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	117	if(! defined('WEBSHOT_SCREEN_X') ) define ('WEBSHOT_SCREEN_X', '1024'); //1024 works ok
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	118	if(! defined('WEBSHOT_SCREEN_Y') ) define ('WEBSHOT_SCREEN_Y', '768'); //768 works ok
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	119	if(! defined('WEBSHOT_COLOR_DEPTH') ) define ('WEBSHOT_COLOR_DEPTH', '24'); //I haven't tested anything besides 24
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	120	if(! defined('WEBSHOT_IMAGE_FORMAT') ) define ('WEBSHOT_IMAGE_FORMAT', 'png'); //png is about 2.5 times the size of jpg but is a LOT better quality
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	121	if(! defined('WEBSHOT_TIMEOUT') ) define ('WEBSHOT_TIMEOUT', '20'); //Seconds to wait for a webshot
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	122	if(! defined('WEBSHOT_USER_AGENT') ) define ('WEBSHOT_USER_AGENT', "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18"); //I hate to do this, but a non-browser robot user agent might not show what humans see. So we pretend to be Firefox
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	123	if(! defined('WEBSHOT_JAVASCRIPT_ON') ) define ('WEBSHOT_JAVASCRIPT_ON', true); //Setting to false might give you a slight speedup and block ads. But it could cause other issues.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	124	if(! defined('WEBSHOT_JAVA_ON') ) define ('WEBSHOT_JAVA_ON', false); //Have only tested this as fase
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	125	if(! defined('WEBSHOT_PLUGINS_ON') ) define ('WEBSHOT_PLUGINS_ON', true); //Enable flash and other plugins
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	126	if(! defined('WEBSHOT_PROXY') ) define ('WEBSHOT_PROXY', ''); //In case you're behind a proxy server.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	127	if(! defined('WEBSHOT_XVFB_RUNNING') ) define ('WEBSHOT_XVFB_RUNNING', false); //ADVANCED: Enable this if you've got Xvfb running in the background.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	128
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	129
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	130	// If ALLOW_EXTERNAL is true and ALLOW_ALL_EXTERNAL_SITES is false, then external images will only be fetched from these domains and their subdomains.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	131	if(! isset($ALLOWED_SITES)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	132	$ALLOWED_SITES = array (
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	133	'flickr.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	134	'staticflickr.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	135	'picasa.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	136	'img.youtube.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	137	'upload.wikimedia.org',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	138	'photobucket.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	139	'imgur.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	140	'imageshack.us',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	141	'tinypic.com',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	142	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	143	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	144	// -------------------------------------------------------------
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	145	// -------------- STOP EDITING CONFIGURATION HERE --------------
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	146	// -------------------------------------------------------------
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	147
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	148	timthumb::start();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	149
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	150	class timthumb {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	151	protected $src = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	152	protected $is404 = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	153	protected $docRoot = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	154	protected $lastURLError = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	155	protected $localImage = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	156	protected $localImageMTime = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	157	protected $url = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	158	protected $myHost = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	159	protected $isURL = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	160	protected $cachefile = '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	161	protected $errors = array();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	162	protected $toDeletes = array();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	163	protected $cacheDirectory = '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	164	protected $startTime = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	165	protected $lastBenchTime = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	166	protected $cropTop = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	167	protected $salt = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	168	protected $fileCacheVersion = 1; //Generally if timthumb.php is modifed (upgraded) then the salt changes and all cache files are recreated. This is a backup mechanism to force regen.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	169	protected $filePrependSecurityBlock = "<?php die('Execution denied!'); //"; //Designed to have three letter mime type, space, question mark and greater than symbol appended. 6 bytes total.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	170	protected static $curlDataWritten = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	171	protected static $curlFH = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	172	public static function start(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	173	$tim = new timthumb();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	174	$tim->handleErrors();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	175	$tim->securityChecks();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	176	if($tim->tryBrowserCache()){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	177	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	178	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	179	$tim->handleErrors();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	180	if(FILE_CACHE_ENABLED && $tim->tryServerCache()){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	181	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	182	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	183	$tim->handleErrors();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	184	$tim->run();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	185	$tim->handleErrors();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	186	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	187	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	188	public function __construct(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	189	global $ALLOWED_SITES;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	190	$this->startTime = microtime(true);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	191	date_default_timezone_set('UTC');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	192	$this->debug(1, "Starting new request from " . $this->getIP() . " to " . $_SERVER['REQUEST_URI']);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	193	$this->calcDocRoot();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	194	//On windows systems I'm assuming fileinode returns an empty string or a number that doesn't change. Check this.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	195	$this->salt = @filemtime(__FILE__) . '-' . @fileinode(__FILE__);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	196	$this->debug(3, "Salt is: " . $this->salt);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	197	if(FILE_CACHE_DIRECTORY){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	198	if(! is_dir(FILE_CACHE_DIRECTORY)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	199	@mkdir(FILE_CACHE_DIRECTORY);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	200	if(! is_dir(FILE_CACHE_DIRECTORY)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	201	$this->error("Could not create the file cache directory.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	202	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	203	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	204	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	205	$this->cacheDirectory = FILE_CACHE_DIRECTORY;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	206	if (!touch($this->cacheDirectory . '/index.html')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	207	$this->error("Could not create the index.html file - to fix this create an empty file named index.html file in the cache directory.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	208	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	209	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	210	$this->cacheDirectory = sys_get_temp_dir();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	211	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	212	//Clean the cache before we do anything because we don't want the first visitor after FILE_CACHE_TIME_BETWEEN_CLEANS expires to get a stale image.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	213	$this->cleanCache();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	214
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	215	$this->myHost = preg_replace('/^www\./i', '', $_SERVER['HTTP_HOST']);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	216	$this->src = $this->param('src');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	217	$this->url = parse_url($this->src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	218	$this->src = preg_replace('/https?:\/\/(?:www\.)?' . $this->myHost . '/i', '', $this->src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	219
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	220	if(strlen($this->src) <= 3){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	221	$this->error("No image specified");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	222	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	223	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	224	if(BLOCK_EXTERNAL_LEECHERS && array_key_exists('HTTP_REFERER', $_SERVER) && (! preg_match('/^https?:\/\/(?:www\.)?' . $this->myHost . '(?:$\|\/)/i', $_SERVER['HTTP_REFERER']))){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	225	// base64 encoded red image that says 'no hotlinkers'
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	226	// nothing to worry about! :)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	227	$imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAAwAAAJpjI+py+0Po5y0OgAMjjv01YUZ\nOGplhWXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb\nDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs=");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	228	header('Content-Type: image/gif');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	229	header('Content-Length: ' . strlen($imgData));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	230	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	231	header("Pragma: no-cache");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	232	header('Expires: ' . gmdate ('D, d M Y H:i:s', time()));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	233	echo $imgData;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	234	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	235	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	236	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	237	if(preg_match('/^https?:\/\/[^\/]+/i', $this->src)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	238	$this->debug(2, "Is a request for an external URL: " . $this->src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	239	$this->isURL = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	240	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	241	$this->debug(2, "Is a request for an internal file: " . $this->src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	242	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	243	if($this->isURL && (! ALLOW_EXTERNAL)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	244	$this->error("You are not allowed to fetch images from an external website.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	245	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	246	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	247	if($this->isURL){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	248	if(ALLOW_ALL_EXTERNAL_SITES){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	249	$this->debug(2, "Fetching from all external sites is enabled.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	250	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	251	$this->debug(2, "Fetching only from selected external sites is enabled.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	252	$allowed = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	253	foreach($ALLOWED_SITES as $site){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	254	if ((strtolower(substr($this->url['host'],-strlen($site)-1)) === strtolower(".$site")) \|\| (strtolower($this->url['host'])===strtolower($site))) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	255	$this->debug(3, "URL hostname {$this->url['host']} matches $site so allowing.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	256	$allowed = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	257	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	258	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	259	if(! $allowed){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	260	return $this->error("You may not fetch images from that site. To enable this site in timthumb, you can either add it to \$ALLOWED_SITES and set ALLOW_EXTERNAL=true. Or you can set ALLOW_ALL_EXTERNAL_SITES=true, depending on your security needs.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	261	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	262	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	263	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	264
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	265	$cachePrefix = ($this->isURL ? '_ext_' : '_int_');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	266	if($this->isURL){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	267	$arr = explode('&', $_SERVER ['QUERY_STRING']);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	268	asort($arr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	269	$this->cachefile = $this->cacheDirectory . '/' . FILE_CACHE_PREFIX . $cachePrefix . md5($this->salt . implode('', $arr) . $this->fileCacheVersion) . FILE_CACHE_SUFFIX;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	270	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	271	$this->localImage = $this->getLocalImagePath($this->src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	272	if(! $this->localImage){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	273	$this->debug(1, "Could not find the local image: {$this->localImage}");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	274	$this->error("Could not find the internal image you specified.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	275	$this->set404();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	276	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	277	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	278	$this->debug(1, "Local image path is {$this->localImage}");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	279	$this->localImageMTime = @filemtime($this->localImage);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	280	//We include the mtime of the local file in case in changes on disk.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	281	$this->cachefile = $this->cacheDirectory . '/' . FILE_CACHE_PREFIX . $cachePrefix . md5($this->salt . $this->localImageMTime . $_SERVER ['QUERY_STRING'] . $this->fileCacheVersion) . FILE_CACHE_SUFFIX;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	282	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	283	$this->debug(2, "Cache file is: " . $this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	284
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	285	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	286	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	287	public function __destruct(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	288	foreach($this->toDeletes as $del){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	289	$this->debug(2, "Deleting temp file $del");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	290	@unlink($del);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	291	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	292	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	293	public function run(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	294	if($this->isURL){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	295	if(! ALLOW_EXTERNAL){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	296	$this->debug(1, "Got a request for an external image but ALLOW_EXTERNAL is disabled so returning error msg.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	297	$this->error("You are not allowed to fetch images from an external website.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	298	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	299	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	300	$this->debug(3, "Got request for external image. Starting serveExternalImage.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	301	if($this->param('webshot')){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	302	if(WEBSHOT_ENABLED){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	303	$this->debug(3, "webshot param is set, so we're going to take a webshot.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	304	$this->serveWebshot();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	305	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	306	$this->error("You added the webshot parameter but webshots are disabled on this server. You need to set WEBSHOT_ENABLED == true to enable webshots.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	307	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	308	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	309	$this->debug(3, "webshot is NOT set so we're going to try to fetch a regular image.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	310	$this->serveExternalImage();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	311
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	312	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	313	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	314	$this->debug(3, "Got request for internal image. Starting serveInternalImage()");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	315	$this->serveInternalImage();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	316	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	317	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	318	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	319	protected function handleErrors(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	320	if($this->haveErrors()){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	321	if(NOT_FOUND_IMAGE && $this->is404()){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	322	if($this->serveImg(NOT_FOUND_IMAGE)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	323	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	324	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	325	$this->error("Additionally, the 404 image that is configured could not be found or there was an error serving it.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	326	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	327	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	328	if(ERROR_IMAGE){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	329	if($this->serveImg(ERROR_IMAGE)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	330	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	331	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	332	$this->error("Additionally, the error image that is configured could not be found or there was an error serving it.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	333	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	334	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	335	$this->serveErrors();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	336	exit(0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	337	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	338	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	339	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	340	protected function tryBrowserCache(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	341	if(BROWSER_CACHE_DISABLE){ $this->debug(3, "Browser caching is disabled"); return false; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	342	if(!empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) ){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	343	$this->debug(3, "Got a conditional get");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	344	$mtime = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	345	//We've already checked if the real file exists in the constructor
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	346	if(! is_file($this->cachefile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	347	//If we don't have something cached, regenerate the cached image.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	348	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	349	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	350	if($this->localImageMTime){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	351	$mtime = $this->localImageMTime;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	352	$this->debug(3, "Local real file's modification time is $mtime");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	353	} else if(is_file($this->cachefile)){ //If it's not a local request then use the mtime of the cached file to determine the 304
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	354	$mtime = @filemtime($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	355	$this->debug(3, "Cached file's modification time is $mtime");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	356	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	357	if(! $mtime){ return false; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	358
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	359	$iftime = strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	360	$this->debug(3, "The conditional get's if-modified-since unixtime is $iftime");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	361	if($iftime < 1){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	362	$this->debug(3, "Got an invalid conditional get modified since time. Returning false.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	363	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	364	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	365	if($iftime < $mtime){ //Real file or cache file has been modified since last request, so force refetch.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	366	$this->debug(3, "File has been modified since last fetch.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	367	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	368	} else { //Otherwise serve a 304
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	369	$this->debug(3, "File has not been modified since last get, so serving a 304.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	370	header ($_SERVER['SERVER_PROTOCOL'] . ' 304 Not Modified');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	371	$this->debug(1, "Returning 304 not modified");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	372	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	373	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	374	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	375	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	376	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	377	protected function tryServerCache(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	378	$this->debug(3, "Trying server cache");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	379	if(file_exists($this->cachefile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	380	$this->debug(3, "Cachefile {$this->cachefile} exists");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	381	if($this->isURL){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	382	$this->debug(3, "This is an external request, so checking if the cachefile is empty which means the request failed previously.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	383	if(filesize($this->cachefile) < 1){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	384	$this->debug(3, "Found an empty cachefile indicating a failed earlier request. Checking how old it is.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	385	//Fetching error occured previously
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	386	if(time() - @filemtime($this->cachefile) > WAIT_BETWEEN_FETCH_ERRORS){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	387	$this->debug(3, "File is older than " . WAIT_BETWEEN_FETCH_ERRORS . " seconds. Deleting and returning false so app can try and load file.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	388	@unlink($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	389	return false; //to indicate we didn't serve from cache and app should try and load
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	390	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	391	$this->debug(3, "Empty cachefile is still fresh so returning message saying we had an error fetching this image from remote host.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	392	$this->set404();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	393	$this->error("An error occured fetching image.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	394	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	395	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	396	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	397	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	398	$this->debug(3, "Trying to serve cachefile {$this->cachefile}");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	399	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	400	if($this->serveCacheFile()){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	401	$this->debug(3, "Succesfully served cachefile {$this->cachefile}");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	402	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	403	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	404	$this->debug(3, "Failed to serve cachefile {$this->cachefile} - Deleting it from cache.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	405	//Image serving failed. We can't retry at this point, but lets remove it from cache so the next request recreates it
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	406	@unlink($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	407	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	408	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	409	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	410	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	411	protected function error($err){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	412	$this->debug(3, "Adding error message: $err");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	413	$this->errors[] = $err;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	414	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	415
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	416	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	417	protected function haveErrors(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	418	if(sizeof($this->errors) > 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	419	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	420	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	421	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	422	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	423	protected function serveErrors(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	424	header ($_SERVER['SERVER_PROTOCOL'] . ' 400 Bad Request');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	425	if ( ! DISPLAY_ERROR_MESSAGES ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	426	return;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	427	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	428	$html = '<ul>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	429	foreach($this->errors as $err){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	430	$html .= '<li>' . htmlentities($err) . '</li>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	431	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	432	$html .= '</ul>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	433	echo '<h1>A TimThumb error has occured</h1>The following error(s) occured:<br />' . $html . '<br />';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	434	echo '<br />Query String : ' . htmlentities( $_SERVER['QUERY_STRING'], ENT_QUOTES );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	435	echo '<br />TimThumb version : ' . VERSION . '</pre>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	436	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	437	protected function serveInternalImage(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	438	$this->debug(3, "Local image path is $this->localImage");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	439	if(! $this->localImage){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	440	$this->sanityFail("localImage not set after verifying it earlier in the code.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	441	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	442	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	443	$fileSize = filesize($this->localImage);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	444	if($fileSize > MAX_FILE_SIZE){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	445	$this->error("The file you specified is greater than the maximum allowed file size.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	446	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	447	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	448	if($fileSize <= 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	449	$this->error("The file you specified is <= 0 bytes.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	450	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	451	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	452	$this->debug(3, "Calling processImageAndWriteToCache() for local image.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	453	if($this->processImageAndWriteToCache($this->localImage)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	454	$this->serveCacheFile();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	455	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	456	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	457	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	458	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	459	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	460	protected function cleanCache(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	461	if (FILE_CACHE_TIME_BETWEEN_CLEANS < 0) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	462	return;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	463	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	464	$this->debug(3, "cleanCache() called");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	465	$lastCleanFile = $this->cacheDirectory . '/timthumb_cacheLastCleanTime.touch';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	466
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	467	//If this is a new timthumb installation we need to create the file
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	468	if(! is_file($lastCleanFile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	469	$this->debug(1, "File tracking last clean doesn't exist. Creating $lastCleanFile");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	470	if (!touch($lastCleanFile)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	471	$this->error("Could not create cache clean timestamp file.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	472	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	473	return;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	474	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	475	if(@filemtime($lastCleanFile) < (time() - FILE_CACHE_TIME_BETWEEN_CLEANS) ){ //Cache was last cleaned more than 1 day ago
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	476	$this->debug(1, "Cache was last cleaned more than " . FILE_CACHE_TIME_BETWEEN_CLEANS . " seconds ago. Cleaning now.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	477	// Very slight race condition here, but worst case we'll have 2 or 3 servers cleaning the cache simultaneously once a day.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	478	if (!touch($lastCleanFile)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	479	$this->error("Could not create cache clean timestamp file.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	480	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	481	$files = glob($this->cacheDirectory . '/*' . FILE_CACHE_SUFFIX);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	482	if ($files) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	483	$timeAgo = time() - FILE_CACHE_MAX_FILE_AGE;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	484	foreach($files as $file){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	485	if(@filemtime($file) < $timeAgo){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	486	$this->debug(3, "Deleting cache file $file older than max age: " . FILE_CACHE_MAX_FILE_AGE . " seconds");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	487	@unlink($file);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	488	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	489	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	490	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	491	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	492	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	493	$this->debug(3, "Cache was cleaned less than " . FILE_CACHE_TIME_BETWEEN_CLEANS . " seconds ago so no cleaning needed.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	494	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	495	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	496	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	497	protected function processImageAndWriteToCache($localImage){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	498	$sData = getimagesize($localImage);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	499	$origType = $sData[2];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	500	$mimeType = $sData['mime'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	501
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	502	$this->debug(3, "Mime type of image is $mimeType");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	503	if(! preg_match('/^image\/(?:gif\|jpg\|jpeg\|png)$/i', $mimeType)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	504	return $this->error("The image being resized is not a valid gif, jpg or png.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	505	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	506
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	507	if (!function_exists ('imagecreatetruecolor')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	508	return $this->error('GD Library Error: imagecreatetruecolor does not exist - please contact your webhost and ask them to install the GD library');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	509	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	510
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	511	if (function_exists ('imagefilter') && defined ('IMG_FILTER_NEGATE')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	512	$imageFilters = array (
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	513	1 => array (IMG_FILTER_NEGATE, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	514	2 => array (IMG_FILTER_GRAYSCALE, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	515	3 => array (IMG_FILTER_BRIGHTNESS, 1),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	516	4 => array (IMG_FILTER_CONTRAST, 1),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	517	5 => array (IMG_FILTER_COLORIZE, 4),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	518	6 => array (IMG_FILTER_EDGEDETECT, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	519	7 => array (IMG_FILTER_EMBOSS, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	520	8 => array (IMG_FILTER_GAUSSIAN_BLUR, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	521	9 => array (IMG_FILTER_SELECTIVE_BLUR, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	522	10 => array (IMG_FILTER_MEAN_REMOVAL, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	523	11 => array (IMG_FILTER_SMOOTH, 0),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	524	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	525	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	526
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	527	// get standard input properties
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	528	$new_width = (int) abs ($this->param('w', 0));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	529	$new_height = (int) abs ($this->param('h', 0));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	530	$zoom_crop = (int) $this->param('zc', DEFAULT_ZC);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	531	$quality = (int) abs ($this->param('q', DEFAULT_Q));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	532	$align = $this->cropTop ? 't' : $this->param('a', 'c');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	533	$filters = $this->param('f', DEFAULT_F);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	534	$sharpen = (bool) $this->param('s', DEFAULT_S);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	535	$canvas_color = $this->param('cc', DEFAULT_CC);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	536	$canvas_trans = (bool) $this->param('ct', '1');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	537
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	538	// set default width and height if neither are set already
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	539	if ($new_width == 0 && $new_height == 0) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	540	$new_width = (int) DEFAULT_WIDTH;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	541	$new_height = (int) DEFAULT_HEIGHT;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	542	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	543
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	544	// ensure size limits can not be abused
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	545	$new_width = min ($new_width, MAX_WIDTH);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	546	$new_height = min ($new_height, MAX_HEIGHT);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	547
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	548	// set memory limit to be able to have enough space to resize larger images
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	549	$this->setMemoryLimit();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	550
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	551	// open the existing image
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	552	$image = $this->openImage ($mimeType, $localImage);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	553	if ($image === false) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	554	return $this->error('Unable to open image.');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	555	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	556
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	557	// Get original width and height
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	558	$width = imagesx ($image);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	559	$height = imagesy ($image);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	560	$origin_x = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	561	$origin_y = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	562
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	563	// generate new w/h if not provided
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	564	if ($new_width && !$new_height) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	565	$new_height = floor ($height * ($new_width / $width));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	566	} else if ($new_height && !$new_width) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	567	$new_width = floor ($width * ($new_height / $height));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	568	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	569
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	570	// scale down and add borders
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	571	if ($zoom_crop == 3) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	572
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	573	$final_height = $height * ($new_width / $width);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	574
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	575	if ($final_height > $new_height) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	576	$new_width = $width * ($new_height / $height);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	577	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	578	$new_height = $final_height;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	579	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	580
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	581	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	582
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	583	// create a new true color image
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	584	$canvas = imagecreatetruecolor ($new_width, $new_height);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	585	imagealphablending ($canvas, false);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	586
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	587	if (strlen($canvas_color) == 3) { //if is 3-char notation, edit string into 6-char notation
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	588	$canvas_color = str_repeat(substr($canvas_color, 0, 1), 2) . str_repeat(substr($canvas_color, 1, 1), 2) . str_repeat(substr($canvas_color, 2, 1), 2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	589	} else if (strlen($canvas_color) != 6) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	590	$canvas_color = DEFAULT_CC; // on error return default canvas color
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	591	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	592
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	593	$canvas_color_R = hexdec (substr ($canvas_color, 0, 2));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	594	$canvas_color_G = hexdec (substr ($canvas_color, 2, 2));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	595	$canvas_color_B = hexdec (substr ($canvas_color, 4, 2));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	596
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	597	// Create a new transparent color for image
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	598	// If is a png and PNG_IS_TRANSPARENT is false then remove the alpha transparency
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	599	// (and if is set a canvas color show it in the background)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	600	if(preg_match('/^image\/png$/i', $mimeType) && !PNG_IS_TRANSPARENT && $canvas_trans){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	601	$color = imagecolorallocatealpha ($canvas, $canvas_color_R, $canvas_color_G, $canvas_color_B, 127);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	602	}else{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	603	$color = imagecolorallocatealpha ($canvas, $canvas_color_R, $canvas_color_G, $canvas_color_B, 0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	604	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	605
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	606
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	607	// Completely fill the background of the new image with allocated color.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	608	imagefill ($canvas, 0, 0, $color);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	609
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	610	// scale down and add borders
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	611	if ($zoom_crop == 2) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	612
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	613	$final_height = $height * ($new_width / $width);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	614
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	615	if ($final_height > $new_height) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	616
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	617	$origin_x = $new_width / 2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	618	$new_width = $width * ($new_height / $height);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	619	$origin_x = round ($origin_x - ($new_width / 2));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	620
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	621	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	622
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	623	$origin_y = $new_height / 2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	624	$new_height = $final_height;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	625	$origin_y = round ($origin_y - ($new_height / 2));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	626
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	627	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	628
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	629	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	630
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	631	// Restore transparency blending
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	632	imagesavealpha ($canvas, true);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	633
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	634	if ($zoom_crop > 0) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	635
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	636	$src_x = $src_y = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	637	$src_w = $width;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	638	$src_h = $height;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	639
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	640	$cmp_x = $width / $new_width;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	641	$cmp_y = $height / $new_height;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	642
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	643	// calculate x or y coordinate and width or height of source
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	644	if ($cmp_x > $cmp_y) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	645
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	646	$src_w = round ($width / $cmp_x * $cmp_y);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	647	$src_x = round (($width - ($width / $cmp_x * $cmp_y)) / 2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	648
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	649	} else if ($cmp_y > $cmp_x) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	650
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	651	$src_h = round ($height / $cmp_y * $cmp_x);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	652	$src_y = round (($height - ($height / $cmp_y * $cmp_x)) / 2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	653
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	654	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	655
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	656	// positional cropping!
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	657	if ($align) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	658	if (strpos ($align, 't') !== false) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	659	$src_y = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	660	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	661	if (strpos ($align, 'b') !== false) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	662	$src_y = $height - $src_h;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	663	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	664	if (strpos ($align, 'l') !== false) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	665	$src_x = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	666	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	667	if (strpos ($align, 'r') !== false) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	668	$src_x = $width - $src_w;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	669	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	670	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	671
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	672	imagecopyresampled ($canvas, $image, $origin_x, $origin_y, $src_x, $src_y, $new_width, $new_height, $src_w, $src_h);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	673
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	674	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	675
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	676	// copy and resize part of an image with resampling
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	677	imagecopyresampled ($canvas, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	678
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	679	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	680
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	681	if ($filters != '' && function_exists ('imagefilter') && defined ('IMG_FILTER_NEGATE')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	682	// apply filters to image
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	683	$filterList = explode ('\|', $filters);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	684	foreach ($filterList as $fl) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	685
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	686	$filterSettings = explode (',', $fl);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	687	if (isset ($imageFilters[$filterSettings[0]])) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	688
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	689	for ($i = 0; $i < 4; $i ++) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	690	if (!isset ($filterSettings[$i])) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	691	$filterSettings[$i] = null;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	692	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	693	$filterSettings[$i] = (int) $filterSettings[$i];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	694	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	695	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	696
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	697	switch ($imageFilters[$filterSettings[0]][1]) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	698
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	699	case 1:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	700
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	701	imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1]);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	702	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	703
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	704	case 2:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	705
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	706	imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1], $filterSettings[2]);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	707	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	708
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	709	case 3:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	710
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	711	imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1], $filterSettings[2], $filterSettings[3]);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	712	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	713
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	714	case 4:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	715
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	716	imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1], $filterSettings[2], $filterSettings[3], $filterSettings[4]);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	717	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	718
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	719	default:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	720
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	721	imagefilter ($canvas, $imageFilters[$filterSettings[0]][0]);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	722	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	723
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	724	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	725	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	726	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	727	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	728
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	729	// sharpen image
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	730	if ($sharpen && function_exists ('imageconvolution')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	731
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	732	$sharpenMatrix = array (
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	733	array (-1,-1,-1),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	734	array (-1,16,-1),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	735	array (-1,-1,-1),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	736	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	737
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	738	$divisor = 8;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	739	$offset = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	740
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	741	imageconvolution ($canvas, $sharpenMatrix, $divisor, $offset);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	742
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	743	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	744	//Straight from Wordpress core code. Reduces filesize by up to 70% for PNG's
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	745	if ( (IMAGETYPE_PNG == $origType \|\| IMAGETYPE_GIF == $origType) && function_exists('imageistruecolor') && !imageistruecolor( $image ) && imagecolortransparent( $image ) > 0 ){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	746	imagetruecolortopalette( $canvas, false, imagecolorstotal( $image ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	747	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	748
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	749	$imgType = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	750	$tempfile = tempnam($this->cacheDirectory, 'timthumb_tmpimg_');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	751	if(preg_match('/^image\/(?:jpg\|jpeg)$/i', $mimeType)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	752	$imgType = 'jpg';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	753	imagejpeg($canvas, $tempfile, $quality);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	754	} else if(preg_match('/^image\/png$/i', $mimeType)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	755	$imgType = 'png';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	756	imagepng($canvas, $tempfile, floor($quality * 0.09));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	757	} else if(preg_match('/^image\/gif$/i', $mimeType)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	758	$imgType = 'gif';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	759	imagegif($canvas, $tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	760	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	761	return $this->sanityFail("Could not match mime type after verifying it previously.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	762	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	763
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	764	if($imgType == 'png' && OPTIPNG_ENABLED && OPTIPNG_PATH && @is_file(OPTIPNG_PATH)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	765	$exec = OPTIPNG_PATH;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	766	$this->debug(3, "optipng'ing $tempfile");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	767	$presize = filesize($tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	768	$out = `$exec -o1 $tempfile`; //you can use up to -o7 but it really slows things down
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	769	clearstatcache();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	770	$aftersize = filesize($tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	771	$sizeDrop = $presize - $aftersize;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	772	if($sizeDrop > 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	773	$this->debug(1, "optipng reduced size by $sizeDrop");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	774	} else if($sizeDrop < 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	775	$this->debug(1, "optipng increased size! Difference was: $sizeDrop");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	776	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	777	$this->debug(1, "optipng did not change image size.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	778	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	779	} else if($imgType == 'png' && PNGCRUSH_ENABLED && PNGCRUSH_PATH && @is_file(PNGCRUSH_PATH)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	780	$exec = PNGCRUSH_PATH;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	781	$tempfile2 = tempnam($this->cacheDirectory, 'timthumb_tmpimg_');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	782	$this->debug(3, "pngcrush'ing $tempfile to $tempfile2");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	783	$out = `$exec $tempfile $tempfile2`;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	784	$todel = "";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	785	if(is_file($tempfile2)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	786	$sizeDrop = filesize($tempfile) - filesize($tempfile2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	787	if($sizeDrop > 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	788	$this->debug(1, "pngcrush was succesful and gave a $sizeDrop byte size reduction");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	789	$todel = $tempfile;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	790	$tempfile = $tempfile2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	791	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	792	$this->debug(1, "pngcrush did not reduce file size. Difference was $sizeDrop bytes.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	793	$todel = $tempfile2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	794	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	795	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	796	$this->debug(3, "pngcrush failed with output: $out");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	797	$todel = $tempfile2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	798	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	799	@unlink($todel);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	800	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	801
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	802	$this->debug(3, "Rewriting image with security header.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	803	$tempfile4 = tempnam($this->cacheDirectory, 'timthumb_tmpimg_');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	804	$context = stream_context_create ();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	805	$fp = fopen($tempfile,'r',0,$context);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	806	file_put_contents($tempfile4, $this->filePrependSecurityBlock . $imgType . ' ?' . '>'); //6 extra bytes, first 3 being image type
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	807	file_put_contents($tempfile4, $fp, FILE_APPEND);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	808	fclose($fp);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	809	@unlink($tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	810	$this->debug(3, "Locking and replacing cache file.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	811	$lockFile = $this->cachefile . '.lock';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	812	$fh = fopen($lockFile, 'w');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	813	if(! $fh){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	814	return $this->error("Could not open the lockfile for writing an image.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	815	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	816	if(flock($fh, LOCK_EX)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	817	@unlink($this->cachefile); //rename generally overwrites, but doing this in case of platform specific quirks. File might not exist yet.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	818	rename($tempfile4, $this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	819	flock($fh, LOCK_UN);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	820	fclose($fh);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	821	@unlink($lockFile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	822	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	823	fclose($fh);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	824	@unlink($lockFile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	825	@unlink($tempfile4);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	826	return $this->error("Could not get a lock for writing.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	827	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	828	$this->debug(3, "Done image replace with security header. Cleaning up and running cleanCache()");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	829	imagedestroy($canvas);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	830	imagedestroy($image);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	831	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	832	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	833	protected function calcDocRoot(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	834	$docRoot = @$_SERVER['DOCUMENT_ROOT'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	835	if (defined('LOCAL_FILE_BASE_DIRECTORY')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	836	$docRoot = LOCAL_FILE_BASE_DIRECTORY;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	837	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	838	if(!isset($docRoot)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	839	$this->debug(3, "DOCUMENT_ROOT is not set. This is probably windows. Starting search 1.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	840	if(isset($_SERVER['SCRIPT_FILENAME'])){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	841	$docRoot = str_replace( '\\', '/', substr($_SERVER['SCRIPT_FILENAME'], 0, 0-strlen($_SERVER['PHP_SELF'])));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	842	$this->debug(3, "Generated docRoot using SCRIPT_FILENAME and PHP_SELF as: $docRoot");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	843	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	844	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	845	if(!isset($docRoot)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	846	$this->debug(3, "DOCUMENT_ROOT still is not set. Starting search 2.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	847	if(isset($_SERVER['PATH_TRANSLATED'])){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	848	$docRoot = str_replace( '\\', '/', substr(str_replace('\\\\', '\\', $_SERVER['PATH_TRANSLATED']), 0, 0-strlen($_SERVER['PHP_SELF'])));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	849	$this->debug(3, "Generated docRoot using PATH_TRANSLATED and PHP_SELF as: $docRoot");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	850	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	851	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	852	if($docRoot && $_SERVER['DOCUMENT_ROOT'] != '/'){ $docRoot = preg_replace('/\/$/', '', $docRoot); }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	853	$this->debug(3, "Doc root is: " . $docRoot);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	854	$this->docRoot = $docRoot;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	855
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	856	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	857	protected function getLocalImagePath($src){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	858	$src = ltrim($src, '/'); //strip off the leading '/'
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	859	if(! $this->docRoot){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	860	$this->debug(3, "We have no document root set, so as a last resort, lets check if the image is in the current dir and serve that.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	861	//We don't support serving images outside the current dir if we don't have a doc root for security reasons.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	862	$file = preg_replace('/^.*?([^\/\\\\]+)$/', '$1', $src); //strip off any path info and just leave the filename.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	863	if(is_file($file)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	864	return $this->realpath($file);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	865	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	866	return $this->error("Could not find your website document root and the file specified doesn't exist in timthumbs directory. We don't support serving files outside timthumb's directory without a document root for security reasons.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	867	} else if ( ! is_dir( $this->docRoot ) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	868	$this->error("Server path does not exist. Ensure variable \$_SERVER['DOCUMENT_ROOT'] is set correctly");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	869	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	870
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	871	//Do not go past this point without docRoot set
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	872
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	873	//Try src under docRoot
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	874	if(file_exists ($this->docRoot . '/' . $src)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	875	$this->debug(3, "Found file as " . $this->docRoot . '/' . $src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	876	$real = $this->realpath($this->docRoot . '/' . $src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	877	if(stripos($real, $this->docRoot) === 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	878	return $real;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	879	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	880	$this->debug(1, "Security block: The file specified occurs outside the document root.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	881	//allow search to continue
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	882	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	883	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	884	//Check absolute paths and then verify the real path is under doc root
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	885	$absolute = $this->realpath('/' . $src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	886	if($absolute && file_exists($absolute)){ //realpath does file_exists check, so can probably skip the exists check here
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	887	$this->debug(3, "Found absolute path: $absolute");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	888	if(! $this->docRoot){ $this->sanityFail("docRoot not set when checking absolute path."); }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	889	if(stripos($absolute, $this->docRoot) === 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	890	return $absolute;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	891	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	892	$this->debug(1, "Security block: The file specified occurs outside the document root.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	893	//and continue search
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	894	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	895	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	896
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	897	$base = $this->docRoot;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	898
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	899	// account for Windows directory structure
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	900	if (strstr($_SERVER['SCRIPT_FILENAME'],':')) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	901	$sub_directories = explode('\\', str_replace($this->docRoot, '', $_SERVER['SCRIPT_FILENAME']));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	902	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	903	$sub_directories = explode('/', str_replace($this->docRoot, '', $_SERVER['SCRIPT_FILENAME']));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	904	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	905
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	906	foreach ($sub_directories as $sub){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	907	$base .= $sub . '/';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	908	$this->debug(3, "Trying file as: " . $base . $src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	909	if(file_exists($base . $src)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	910	$this->debug(3, "Found file as: " . $base . $src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	911	$real = $this->realpath($base . $src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	912	if(stripos($real, $this->realpath($this->docRoot)) === 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	913	return $real;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	914	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	915	$this->debug(1, "Security block: The file specified occurs outside the document root.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	916	//And continue search
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	917	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	918	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	919	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	920	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	921	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	922	protected function realpath($path){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	923	//try to remove any relative paths
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	924	$remove_relatives = '/\w+\/\.\.\//';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	925	while(preg_match($remove_relatives,$path)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	926	$path = preg_replace($remove_relatives, '', $path);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	927	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	928	//if any remain use PHP realpath to strip them out, otherwise return $path
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	929	//if using realpath, any symlinks will also be resolved
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	930	return preg_match('#^\.\./\|/\.\./#', $path) ? realpath($path) : $path;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	931	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	932	protected function toDelete($name){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	933	$this->debug(3, "Scheduling file $name to delete on destruct.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	934	$this->toDeletes[] = $name;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	935	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	936	protected function serveWebshot(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	937	$this->debug(3, "Starting serveWebshot");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	938	$instr = "Please follow the instructions at http://code.google.com/p/timthumb/ to set your server up for taking website screenshots.";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	939	if(! is_file(WEBSHOT_CUTYCAPT)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	940	return $this->error("CutyCapt is not installed. $instr");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	941	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	942	if(! is_file(WEBSHOT_XVFB)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	943	return $this->Error("Xvfb is not installed. $instr");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	944	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	945	$cuty = WEBSHOT_CUTYCAPT;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	946	$xv = WEBSHOT_XVFB;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	947	$screenX = WEBSHOT_SCREEN_X;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	948	$screenY = WEBSHOT_SCREEN_Y;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	949	$colDepth = WEBSHOT_COLOR_DEPTH;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	950	$format = WEBSHOT_IMAGE_FORMAT;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	951	$timeout = WEBSHOT_TIMEOUT * 1000;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	952	$ua = WEBSHOT_USER_AGENT;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	953	$jsOn = WEBSHOT_JAVASCRIPT_ON ? 'on' : 'off';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	954	$javaOn = WEBSHOT_JAVA_ON ? 'on' : 'off';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	955	$pluginsOn = WEBSHOT_PLUGINS_ON ? 'on' : 'off';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	956	$proxy = WEBSHOT_PROXY ? ' --http-proxy=' . WEBSHOT_PROXY : '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	957	$tempfile = tempnam($this->cacheDirectory, 'timthumb_webshot');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	958	$url = $this->src;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	959	if(! preg_match('/^https?:\/\/[a-zA-Z0-9\.\-]+/i', $url)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	960	return $this->error("Invalid URL supplied.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	961	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	962	$url = preg_replace('/[^A-Za-z0-9\-\.\_\~:\/\?\#\[\]\@\!\$\&\'\*\+\,\;\=]+/', '', $url); //RFC 3986
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	963	//Very important we don't allow injection of shell commands here. URL is between quotes and we are only allowing through chars allowed by a the RFC
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	964	// which AFAIKT can't be used for shell injection.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	965	if(WEBSHOT_XVFB_RUNNING){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	966	putenv('DISPLAY=:100.0');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	967	$command = "$cuty $proxy --max-wait=$timeout --user-agent=\"$ua\" --javascript=$jsOn --java=$javaOn --plugins=$pluginsOn --js-can-open-windows=off --url=\"$url\" --out-format=$format --out=$tempfile";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	968	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	969	$command = "$xv --server-args=\"-screen 0, {$screenX}x{$screenY}x{$colDepth}\" $cuty $proxy --max-wait=$timeout --user-agent=\"$ua\" --javascript=$jsOn --java=$javaOn --plugins=$pluginsOn --js-can-open-windows=off --url=\"$url\" --out-format=$format --out=$tempfile";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	970	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	971	$this->debug(3, "Executing command: $command");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	972	$out = `$command`;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	973	$this->debug(3, "Received output: $out");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	974	if(! is_file($tempfile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	975	$this->set404();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	976	return $this->error("The command to create a thumbnail failed.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	977	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	978	$this->cropTop = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	979	if($this->processImageAndWriteToCache($tempfile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	980	$this->debug(3, "Image processed succesfully. Serving from cache");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	981	return $this->serveCacheFile();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	982	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	983	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	984	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	985	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	986	protected function serveExternalImage(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	987	if(! preg_match('/^https?:\/\/[a-zA-Z0-9\-\.]+/i', $this->src)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	988	$this->error("Invalid URL supplied.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	989	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	990	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	991	$tempfile = tempnam($this->cacheDirectory, 'timthumb');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	992	$this->debug(3, "Fetching external image into temporary file $tempfile");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	993	$this->toDelete($tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	994	#fetch file here
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	995	if(! $this->getURL($this->src, $tempfile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	996	@unlink($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	997	touch($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	998	$this->debug(3, "Error fetching URL: " . $this->lastURLError);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	999	$this->error("Error reading the URL you specified from remote host." . $this->lastURLError);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1000	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1001	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1002
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1003	$mimeType = $this->getMimeType($tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1004	if(! preg_match("/^image\/(?:jpg\|jpeg\|gif\|png)$/i", $mimeType)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1005	$this->debug(3, "Remote file has invalid mime type: $mimeType");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1006	@unlink($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1007	touch($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1008	$this->error("The remote file is not a valid image. Mimetype = '" . $mimeType . "'" . $tempfile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1009	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1010	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1011	if($this->processImageAndWriteToCache($tempfile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1012	$this->debug(3, "Image processed succesfully. Serving from cache");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1013	return $this->serveCacheFile();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1014	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1015	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1016	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1017	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1018	public static function curlWrite($h, $d){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1019	fwrite(self::$curlFH, $d);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1020	self::$curlDataWritten += strlen($d);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1021	if(self::$curlDataWritten > MAX_FILE_SIZE){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1022	return 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1023	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1024	return strlen($d);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1025	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1026	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1027	protected function serveCacheFile(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1028	$this->debug(3, "Serving {$this->cachefile}");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1029	if(! is_file($this->cachefile)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1030	$this->error("serveCacheFile called in timthumb but we couldn't find the cached file.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1031	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1032	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1033	$fp = fopen($this->cachefile, 'rb');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1034	if(! $fp){ return $this->error("Could not open cachefile."); }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1035	fseek($fp, strlen($this->filePrependSecurityBlock), SEEK_SET);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1036	$imgType = fread($fp, 3);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1037	fseek($fp, 3, SEEK_CUR);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1038	if(ftell($fp) != strlen($this->filePrependSecurityBlock) + 6){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1039	@unlink($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1040	return $this->error("The cached image file seems to be corrupt.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1041	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1042	$imageDataSize = filesize($this->cachefile) - (strlen($this->filePrependSecurityBlock) + 6);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1043	$this->sendImageHeaders($imgType, $imageDataSize);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1044	$bytesSent = @fpassthru($fp);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1045	fclose($fp);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1046	if($bytesSent > 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1047	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1048	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1049	$content = file_get_contents ($this->cachefile);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1050	if ($content != FALSE) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1051	$content = substr($content, strlen($this->filePrependSecurityBlock) + 6);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1052	echo $content;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1053	$this->debug(3, "Served using file_get_contents and echo");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1054	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1055	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1056	$this->error("Cache file could not be loaded.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1057	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1058	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1059	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1060	protected function sendImageHeaders($mimeType, $dataSize){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1061	if(! preg_match('/^image\//i', $mimeType)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1062	$mimeType = 'image/' . $mimeType;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1063	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1064	if(strtolower($mimeType) == 'image/jpg'){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1065	$mimeType = 'image/jpeg';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1066	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1067	$gmdate_expires = gmdate ('D, d M Y H:i:s', strtotime ('now +10 days')) . ' GMT';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1068	$gmdate_modified = gmdate ('D, d M Y H:i:s') . ' GMT';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1069	// send content headers then display image
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1070	header ('Content-Type: ' . $mimeType);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1071	header ('Accept-Ranges: none'); //Changed this because we don't accept range requests
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1072	header ('Last-Modified: ' . $gmdate_modified);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1073	header ('Content-Length: ' . $dataSize);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1074	if(BROWSER_CACHE_DISABLE){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1075	$this->debug(3, "Browser cache is disabled so setting non-caching headers.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1076	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1077	header("Pragma: no-cache");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1078	header('Expires: ' . gmdate ('D, d M Y H:i:s', time()));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1079	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1080	$this->debug(3, "Browser caching is enabled");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1081	header('Cache-Control: max-age=' . BROWSER_CACHE_MAX_AGE . ', must-revalidate');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1082	header('Expires: ' . $gmdate_expires);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1083	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1084	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1085	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1086	protected function securityChecks(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1087	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1088	protected function param($property, $default = ''){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1089	if (isset ($_GET[$property])) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1090	return $_GET[$property];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1091	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1092	return $default;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1093	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1094	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1095	protected function openImage($mimeType, $src){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1096	switch ($mimeType) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1097	case 'image/jpeg':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1098	$image = imagecreatefromjpeg ($src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1099	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1100
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1101	case 'image/png':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1102	$image = imagecreatefrompng ($src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1103	imagealphablending( $image, true );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1104	imagesavealpha( $image, true );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1105	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1106
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1107	case 'image/gif':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1108	$image = imagecreatefromgif ($src);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1109	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1110
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1111	default:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1112	$this->error("Unrecognised mimeType");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1113	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1114
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1115	return $image;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1116	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1117	protected function getIP(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1118	$rem = @$_SERVER["REMOTE_ADDR"];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1119	$ff = @$_SERVER["HTTP_X_FORWARDED_FOR"];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1120	$ci = @$_SERVER["HTTP_CLIENT_IP"];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1121	if(preg_match('/^(?:192\.168\|172\.16\|10\.\|127\.)/', $rem)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1122	if($ff){ return $ff; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1123	if($ci){ return $ci; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1124	return $rem;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1125	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1126	if($rem){ return $rem; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1127	if($ff){ return $ff; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1128	if($ci){ return $ci; }
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1129	return "UNKNOWN";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1130	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1131	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1132	protected function debug($level, $msg){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1133	if(DEBUG_ON && $level <= DEBUG_LEVEL){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1134	$execTime = sprintf('%.6f', microtime(true) - $this->startTime);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1135	$tick = sprintf('%.6f', 0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1136	if($this->lastBenchTime > 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1137	$tick = sprintf('%.6f', microtime(true) - $this->lastBenchTime);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1138	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1139	$this->lastBenchTime = microtime(true);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1140	error_log("TimThumb Debug line " . __LINE__ . " [$execTime : $tick]: $msg");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1141	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1142	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1143	protected function sanityFail($msg){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1144	return $this->error("There is a problem in the timthumb code. Message: Please report this error at <a href='http://code.google.com/p/timthumb/issues/list'>timthumb's bug tracking page</a>: $msg");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1145	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1146	protected function getMimeType($file){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1147	$info = getimagesize($file);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1148	if(is_array($info) && $info['mime']){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1149	return $info['mime'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1150	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1151	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1152	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1153	protected function setMemoryLimit(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1154	$inimem = ini_get('memory_limit');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1155	$inibytes = timthumb::returnBytes($inimem);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1156	$ourbytes = timthumb::returnBytes(MEMORY_LIMIT);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1157	if($inibytes < $ourbytes){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1158	ini_set ('memory_limit', MEMORY_LIMIT);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1159	$this->debug(3, "Increased memory from $inimem to " . MEMORY_LIMIT);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1160	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1161	$this->debug(3, "Not adjusting memory size because the current setting is " . $inimem . " and our size of " . MEMORY_LIMIT . " is smaller.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1162	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1163	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1164	protected static function returnBytes($size_str){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1165	switch (substr ($size_str, -1))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1166	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1167	case 'M': case 'm': return (int)$size_str * 1048576;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1168	case 'K': case 'k': return (int)$size_str * 1024;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1169	case 'G': case 'g': return (int)$size_str * 1073741824;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1170	default: return $size_str;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1171	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1172	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1173
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1174	protected function getURL($url, $tempfile){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1175	$this->lastURLError = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1176	$url = preg_replace('/ /', '%20', $url);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1177	if(function_exists('curl_init')){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1178	$this->debug(3, "Curl is installed so using it to fetch URL.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1179	self::$curlFH = fopen($tempfile, 'w');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1180	if(! self::$curlFH){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1181	$this->error("Could not open $tempfile for writing.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1182	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1183	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1184	self::$curlDataWritten = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1185	$this->debug(3, "Fetching url with curl: $url");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1186	$curl = curl_init($url);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1187	curl_setopt ($curl, CURLOPT_TIMEOUT, CURL_TIMEOUT);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1188	curl_setopt ($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1189	curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1190	curl_setopt ($curl, CURLOPT_HEADER, 0);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1191	curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1192	curl_setopt ($curl, CURLOPT_WRITEFUNCTION, 'timthumb::curlWrite');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1193	@curl_setopt ($curl, CURLOPT_FOLLOWLOCATION, true);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1194	@curl_setopt ($curl, CURLOPT_MAXREDIRS, 10);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1195
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1196	$curlResult = curl_exec($curl);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1197	fclose(self::$curlFH);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1198	$httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1199	if($httpStatus == 404){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1200	$this->set404();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1201	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1202	if($httpStatus == 302){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1203	$this->error("External Image is Redirecting. Try alternate image url");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1204	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1205	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1206	if($curlResult){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1207	curl_close($curl);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1208	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1209	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1210	$this->lastURLError = curl_error($curl);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1211	curl_close($curl);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1212	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1213	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1214	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1215	$img = @file_get_contents ($url);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1216	if($img === false){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1217	$err = error_get_last();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1218	if(is_array($err) && $err['message']){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1219	$this->lastURLError = $err['message'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1220	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1221	$this->lastURLError = $err;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1222	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1223	if(preg_match('/404/', $this->lastURLError)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1224	$this->set404();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1225	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1226
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1227	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1228	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1229	if(! file_put_contents($tempfile, $img)){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1230	$this->error("Could not write to $tempfile.");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1231	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1232	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1233	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1234	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1235
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1236	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1237	protected function serveImg($file){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1238	$s = getimagesize($file);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1239	if(! ($s && $s['mime'])){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1240	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1241	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1242	header ('Content-Type: ' . $s['mime']);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1243	header ('Content-Length: ' . filesize($file) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1244	header ('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1245	header ("Pragma: no-cache");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1246	$bytes = @readfile($file);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1247	if($bytes > 0){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1248	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1249	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1250	$content = @file_get_contents ($file);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1251	if ($content != FALSE){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1252	echo $content;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1253	return true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1254	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1255	return false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1256
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1257	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1258	protected function set404(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1259	$this->is404 = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1260	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1261	protected function is404(){
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1262	return $this->is404;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1263	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1264	}

author	ymh <ymh.work@gmail.com>
	Wed, 06 Nov 2013 03:21:17 +0000
changeset 0	d970ebf37754
permissions	-rw-r--r--