[11699] | 1 | <?php |
---|
| 2 | /** |
---|
[11944] | 3 | * TimThumb by Ben Gillbanks and Mark Maunder |
---|
| 4 | * Based on work done by Tim McDaniels and Darren Hoyt |
---|
[11699] | 5 | * http://code.google.com/p/timthumb/ |
---|
| 6 | * |
---|
| 7 | * GNU General Public License, version 2 |
---|
| 8 | * http://www.gnu.org/licenses/old-licenses/gpl-2.0.html |
---|
| 9 | * |
---|
| 10 | * Examples and documentation available on the project homepage |
---|
| 11 | * http://www.binarymoon.co.uk/projects/timthumb/ |
---|
| 12 | */ |
---|
| 13 | |
---|
[11944] | 14 | /* |
---|
| 15 | -----TimThumb CONFIGURATION----- |
---|
| 16 | You can either edit the configuration variables manually here, or you can |
---|
| 17 | create a file called timthumb-config.php and define variables you want |
---|
| 18 | to customize in there. It will automatically be loaded by timthumb. |
---|
| 19 | This will save you having to re-edit these variables everytime you download |
---|
| 20 | a new version of timthumb. |
---|
[11699] | 21 | |
---|
[11944] | 22 | */ |
---|
| 23 | define ('VERSION', '2.7'); // Version of this script |
---|
| 24 | //Load a config file if it exists. Otherwise, use the values below. |
---|
| 25 | if( file_exists('timthumb-config.php')) require_once('timthumb-config.php'); |
---|
| 26 | if(! defined( 'DEBUG_ON' ) ) define ('DEBUG_ON', false); // Enable debug logging to web server error log (STDERR) |
---|
| 27 | if(! defined('DEBUG_LEVEL') ) define ('DEBUG_LEVEL', 1); // Debug level 1 is less noisy and 3 is the most noisy |
---|
| 28 | if(! defined('MEMORY_LIMIT') ) define ('MEMORY_LIMIT', '30M'); // Set PHP memory limit |
---|
| 29 | if(! defined('BLOCK_EXTERNAL_LEECHERS') ) define ('BLOCK_EXTERNAL_LEECHERS', false); // If the image or webshot is being loaded on an external site, display a red "No Hotlinking" gif. |
---|
[11699] | 30 | |
---|
[11944] | 31 | //Image fetching and caching |
---|
| 32 | if(! defined('ALLOW_EXTERNAL') ) define ('ALLOW_EXTERNAL', TRUE); // Allow image fetching from external websites. Will check against ALLOWED_SITES if ALLOW_ALL_EXTERNAL_SITES is false |
---|
| 33 | if(! defined('ALLOW_ALL_EXTERNAL_SITES') ) define ('ALLOW_ALL_EXTERNAL_SITES', false); // Less secure. |
---|
| 34 | if(! defined('FILE_CACHE_ENABLED') ) define ('FILE_CACHE_ENABLED', TRUE); // Should we store resized/modified images on disk to speed things up? |
---|
| 35 | if(! defined('FILE_CACHE_TIME_BETWEEN_CLEANS')) define ('FILE_CACHE_TIME_BETWEEN_CLEANS', 86400); // How often the cache is cleaned |
---|
| 36 | if(! defined('FILE_CACHE_MAX_FILE_AGE') ) define ('FILE_CACHE_MAX_FILE_AGE', 86400); // How old does a file have to be to be deleted from the cache |
---|
| 37 | if(! defined('FILE_CACHE_SUFFIX') ) define ('FILE_CACHE_SUFFIX', '.timthumb.txt'); // What to put at the end of all files in the cache directory so we can identify them |
---|
| 38 | if(! defined('FILE_CACHE_DIRECTORY') ) define ('FILE_CACHE_DIRECTORY', './cache'); // Directory where images are cached. Left blank it will use the system temporary directory (which is better for security) |
---|
| 39 | if(! defined('MAX_FILE_SIZE') ) define ('MAX_FILE_SIZE', 10485760); // 10 Megs is 10485760. This is the max internal or external file size that we'll process. |
---|
| 40 | if(! defined('CURL_TIMEOUT') ) define ('CURL_TIMEOUT', 20); // Timeout duration for Curl. This only applies if you have Curl installed and aren't using PHP's default URL fetching mechanism. |
---|
| 41 | if(! defined('WAIT_BETWEEN_FETCH_ERRORS') ) define ('WAIT_BETWEEN_FETCH_ERRORS', 3600); //Time to wait between errors fetching remote file |
---|
| 42 | //Browser caching |
---|
| 43 | if(! defined('BROWSER_CACHE_MAX_AGE') ) define ('BROWSER_CACHE_MAX_AGE', 864000); // Time to cache in the browser |
---|
| 44 | if(! defined('BROWSER_CACHE_DISABLE') ) define ('BROWSER_CACHE_DISABLE', false); // Use for testing if you want to disable all browser caching |
---|
[11699] | 45 | |
---|
[11944] | 46 | //Image size and defaults |
---|
| 47 | if(! defined('MAX_WIDTH') ) define ('MAX_WIDTH', 1500); // Maximum image width |
---|
| 48 | if(! defined('MAX_HEIGHT') ) define ('MAX_HEIGHT', 1500); // Maximum image height |
---|
| 49 | if(! defined('NOT_FOUND_IMAGE') ) define ('NOT_FOUND_IMAGE', ''); //Image to serve if any 404 occurs |
---|
| 50 | if(! defined('ERROR_IMAGE') ) define ('ERROR_IMAGE', ''); //Image to serve if an error occurs instead of showing error message |
---|
[11699] | 51 | |
---|
[11944] | 52 | //Image compression is enabled if either of these point to valid paths |
---|
[11699] | 53 | |
---|
[11944] | 54 | //These are now disabled by default because the file sizes of PNGs (and GIFs) are much smaller than we used to generate. |
---|
| 55 | //They only work for PNGs. GIFs and JPEGs are not affected. |
---|
| 56 | if(! defined('OPTIPNG_ENABLED') ) define ('OPTIPNG_ENABLED', false); |
---|
| 57 | if(! defined('OPTIPNG_PATH') ) define ('OPTIPNG_PATH', '/usr/bin/optipng'); //This will run first because it gives better compression than pngcrush. |
---|
| 58 | if(! defined('PNGCRUSH_ENABLED') ) define ('PNGCRUSH_ENABLED', false); |
---|
| 59 | if(! defined('PNGCRUSH_PATH') ) define ('PNGCRUSH_PATH', '/usr/bin/pngcrush'); //This will only run if OPTIPNG_PATH is not set or is not valid |
---|
[11699] | 60 | |
---|
[11944] | 61 | /* |
---|
| 62 | -------====Website Screenshots configuration - BETA====------- |
---|
| 63 | |
---|
| 64 | If you just want image thumbnails and don't want website screenshots, you can safely leave this as is. |
---|
| 65 | |
---|
| 66 | If you would like to get website screenshots set up, you will need root access to your own server. |
---|
[11699] | 67 | |
---|
[11944] | 68 | Enable ALLOW_ALL_EXTERNAL_SITES so you can fetch any external web page. This is more secure now that we're using a non-web folder for cache. |
---|
| 69 | Enable BLOCK_EXTERNAL_LEECHERS so that your site doesn't generate thumbnails for the whole Internet. |
---|
[11699] | 70 | |
---|
[11944] | 71 | Instructions to get website screenshots enabled on Ubuntu Linux: |
---|
[11699] | 72 | |
---|
[11944] | 73 | 1. Install Xvfb with the following command: sudo apt-get install subversion libqt4-webkit libqt4-dev g++ xvfb |
---|
| 74 | 2. Go to a directory where you can download some code |
---|
| 75 | 3. Check-out the latest version of CutyCapt with the following command: svn co https://cutycapt.svn.sourceforge.net/svnroot/cutycapt |
---|
| 76 | 4. Compile CutyCapt by doing: cd cutycapt/CutyCapt |
---|
| 77 | 5. qmake |
---|
| 78 | 6. make |
---|
| 79 | 7. cp CutyCapt /usr/local/bin/ |
---|
| 80 | 8. Test it by running: xvfb-run --server-args="-screen 0, 1024x768x24" CutyCapt --url="http://markmaunder.com/" --out=test.png |
---|
| 81 | 9. If you get a file called test.png with something in it, it probably worked. Now test the script by accessing it as follows: |
---|
| 82 | 10. http://yoursite.com/path/to/timthumb.php?src=http://markmaunder.com/&webshot=1 |
---|
[11699] | 83 | |
---|
[11944] | 84 | Notes on performance: |
---|
| 85 | The first time a webshot loads, it will take a few seconds. |
---|
| 86 | From then on it uses the regular timthumb caching mechanism with the configurable options above |
---|
| 87 | and loading will be very fast. |
---|
[11699] | 88 | |
---|
[11944] | 89 | --ADVANCED USERS ONLY-- |
---|
| 90 | If you'd like a slight speedup (about 25%) and you know Linux, you can run the following command which will keep Xvfb running in the background. |
---|
| 91 | nohup Xvfb :100 -ac -nolisten tcp -screen 0, 1024x768x24 > /dev/null 2>&1 & |
---|
| 92 | Then set WEBSHOT_XVFB_RUNNING = true below. This will save your server having to fire off a new Xvfb server and shut it down every time a new shot is generated. |
---|
| 93 | You will need to take responsibility for keeping Xvfb running in case it crashes. (It seems pretty stable) |
---|
| 94 | You will also need to take responsibility for server security if you're running Xvfb as root. |
---|
[11699] | 95 | |
---|
| 96 | |
---|
[11944] | 97 | */ |
---|
| 98 | if(! defined('WEBSHOT_ENABLED') ) define ('WEBSHOT_ENABLED', false); //Beta feature. Adding webshot=1 to your query string will cause the script to return a browser screenshot rather than try to fetch an image. |
---|
| 99 | if(! defined('WEBSHOT_CUTYCAPT') ) define ('WEBSHOT_CUTYCAPT', '/usr/local/bin/CutyCapt'); //The path to CutyCapt. |
---|
| 100 | if(! defined('WEBSHOT_XVFB') ) define ('WEBSHOT_XVFB', '/usr/bin/xvfb-run'); //The path to the Xvfb server |
---|
| 101 | if(! defined('WEBSHOT_SCREEN_X') ) define ('WEBSHOT_SCREEN_X', '1024'); //1024 works ok |
---|
| 102 | if(! defined('WEBSHOT_SCREEN_Y') ) define ('WEBSHOT_SCREEN_Y', '768'); //768 works ok |
---|
| 103 | if(! defined('WEBSHOT_COLOR_DEPTH') ) define ('WEBSHOT_COLOR_DEPTH', '24'); //I haven't tested anything besides 24 |
---|
| 104 | if(! defined('WEBSHOT_IMAGE_FORMAT') ) define ('WEBSHOT_IMAGE_FORMAT', 'png'); //png is about 2.5 times the size of jpg but is a LOT better quality |
---|
| 105 | if(! defined('WEBSHOT_TIMEOUT') ) define ('WEBSHOT_TIMEOUT', '20'); //Seconds to wait for a webshot |
---|
| 106 | if(! defined('WEBSHOT_USER_AGENT') ) define ('WEBSHOT_USER_AGENT', "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18"); //I hate to do this, but a non-browser robot user agent might not show what humans see. So we pretend to be Firefox |
---|
| 107 | if(! defined('WEBSHOT_JAVASCRIPT_ON') ) define ('WEBSHOT_JAVASCRIPT_ON', true); //Setting to false might give you a slight speedup and block ads. But it could cause other issues. |
---|
| 108 | if(! defined('WEBSHOT_JAVA_ON') ) define ('WEBSHOT_JAVA_ON', false); //Have only tested this as fase |
---|
| 109 | if(! defined('WEBSHOT_PLUGINS_ON') ) define ('WEBSHOT_PLUGINS_ON', true); //Enable flash and other plugins |
---|
| 110 | if(! defined('WEBSHOT_PROXY') ) define ('WEBSHOT_PROXY', ''); //In case you're behind a proxy server. |
---|
| 111 | if(! defined('WEBSHOT_XVFB_RUNNING') ) define ('WEBSHOT_XVFB_RUNNING', false); //ADVANCED: Enable this if you've got Xvfb running in the background. |
---|
[11699] | 112 | |
---|
| 113 | |
---|
[11944] | 114 | // If ALLOW_EXTERNAL is true and ALLOW_ALL_EXTERNAL_SITES is false, then external images will only be fetched from these domains and their subdomains. |
---|
| 115 | if(! isset($ALLOWED_SITES)){ |
---|
| 116 | $ALLOWED_SITES = array ( |
---|
| 117 | 'flickr.com', |
---|
| 118 | 'picasa.com', |
---|
| 119 | 'img.youtube.com', |
---|
| 120 | 'upload.wikimedia.org', |
---|
| 121 | 'photobucket.com', |
---|
| 122 | 'imgur.com', |
---|
| 123 | 'imageshack.us', |
---|
| 124 | 'tinypic.com' |
---|
| 125 | ); |
---|
| 126 | } |
---|
| 127 | // ------------------------------------------------------------- |
---|
| 128 | // -------------- STOP EDITING CONFIGURATION HERE -------------- |
---|
| 129 | // ------------------------------------------------------------- |
---|
[11699] | 130 | |
---|
[11944] | 131 | timthumb::start(); |
---|
[11699] | 132 | |
---|
[11944] | 133 | class timthumb { |
---|
| 134 | protected $src = ""; |
---|
| 135 | protected $is404 = false; |
---|
| 136 | protected $docRoot = ""; |
---|
| 137 | protected $lastURLError = false; |
---|
| 138 | protected $localImage = ""; |
---|
| 139 | protected $localImageMTime = 0; |
---|
| 140 | protected $url = false; |
---|
| 141 | protected $myHost = ""; |
---|
| 142 | protected $isURL = false; |
---|
| 143 | protected $cachefile = ''; |
---|
| 144 | protected $errors = array(); |
---|
| 145 | protected $toDeletes = array(); |
---|
| 146 | protected $cacheDirectory = ''; |
---|
| 147 | protected $startTime = 0; |
---|
| 148 | protected $lastBenchTime = 0; |
---|
| 149 | protected $cropTop = false; |
---|
| 150 | protected $salt = ""; |
---|
| 151 | protected $fileCacheVersion = 1; //Generally if timthumb.php is modifed (upgraded) then the salt changes and all cache files are recreated. This is a backup mechanism to force regen. |
---|
| 152 | protected $filePrependSecurityBlock = "<?php die('Execution denied!'); //"; //Designed to have three letter mime type, space, question mark and greater than symbol appended. 6 bytes total. |
---|
| 153 | protected static $curlDataWritten = 0; |
---|
| 154 | protected static $curlFH = false; |
---|
| 155 | public static function start(){ |
---|
| 156 | $tim = new timthumb(); |
---|
| 157 | $tim->handleErrors(); |
---|
| 158 | $tim->securityChecks(); |
---|
| 159 | if($tim->tryBrowserCache()){ |
---|
| 160 | exit(0); |
---|
| 161 | } |
---|
| 162 | $tim->handleErrors(); |
---|
| 163 | if(FILE_CACHE_ENABLED && $tim->tryServerCache()){ |
---|
| 164 | exit(0); |
---|
| 165 | } |
---|
| 166 | $tim->handleErrors(); |
---|
| 167 | $tim->run(); |
---|
| 168 | $tim->handleErrors(); |
---|
| 169 | exit(0); |
---|
| 170 | } |
---|
| 171 | public function __construct(){ |
---|
| 172 | global $ALLOWED_SITES; |
---|
| 173 | $this->startTime = microtime(true); |
---|
| 174 | $this->debug(1, "Starting new request from " . $this->getIP() . " to " . $_SERVER['REQUEST_URI']); |
---|
| 175 | $this->calcDocRoot(); |
---|
| 176 | //On windows systems I'm assuming fileinode returns an empty string or a number that doesn't change. Check this. |
---|
| 177 | $this->salt = @filemtime(__FILE__) . '-' . @fileinode(__FILE__); |
---|
| 178 | $this->debug(3, "Salt is: " . $this->salt); |
---|
| 179 | if(FILE_CACHE_DIRECTORY){ |
---|
| 180 | if(! is_dir(FILE_CACHE_DIRECTORY)){ |
---|
| 181 | @mkdir(FILE_CACHE_DIRECTORY); |
---|
| 182 | if(! is_dir(FILE_CACHE_DIRECTORY)){ |
---|
| 183 | $this->error("Could not create the file cache directory."); |
---|
| 184 | return false; |
---|
| 185 | } |
---|
| 186 | } |
---|
| 187 | $this->cacheDirectory = FILE_CACHE_DIRECTORY; |
---|
| 188 | touch($this->cacheDirectory . '/index.html'); |
---|
[11699] | 189 | } else { |
---|
[11944] | 190 | $this->cacheDirectory = sys_get_temp_dir(); |
---|
[11699] | 191 | } |
---|
[11944] | 192 | //Clean the cache before we do anything because we don't want the first visitor after FILE_CACHE_TIME_BETWEEN_CLEANS expires to get a stale image. |
---|
| 193 | $this->cleanCache(); |
---|
[11699] | 194 | |
---|
[11944] | 195 | $this->myHost = preg_replace('/^www\./i', '', $_SERVER['HTTP_HOST']); |
---|
| 196 | $this->src = $this->param('src'); |
---|
| 197 | $this->url = parse_url($this->src); |
---|
| 198 | if(strlen($this->src) <= 3){ |
---|
| 199 | $this->error("No image specified"); |
---|
| 200 | return false; |
---|
| 201 | } |
---|
| 202 | if(BLOCK_EXTERNAL_LEECHERS && array_key_exists('HTTP_REFERER', $_SERVER) && (! preg_match('/^https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $_SERVER['HTTP_REFERER']))){ |
---|
| 203 | $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAAwAAAJpjI+py+0Po5y0OgAMjjv01YUZ\nOGplhWXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb\nDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs="); |
---|
| 204 | header('Content-Type: image/gif'); |
---|
| 205 | header('Content-Length: ' . sizeof($imgData)); |
---|
| 206 | header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
---|
| 207 | header("Pragma: no-cache"); |
---|
| 208 | header('Expires: ' . gmdate ('D, d M Y H:i:s', time())); |
---|
| 209 | echo $imgData; |
---|
| 210 | return false; |
---|
| 211 | exit(0); |
---|
| 212 | } |
---|
| 213 | if(preg_match('/https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $this->src)){ |
---|
| 214 | $this->src = preg_replace('/https?:\/\/(?:www\.)?' . $this->myHost . '/i', '', $this->src); |
---|
| 215 | } |
---|
| 216 | if(preg_match('/^https?:\/\/[^\/]+/i', $this->src)){ |
---|
| 217 | $this->debug(2, "Is a request for an external URL: " . $this->src); |
---|
| 218 | $this->isURL = true; |
---|
| 219 | } else { |
---|
| 220 | $this->debug(2, "Is a request for an internal file: " . $this->src); |
---|
| 221 | } |
---|
| 222 | if($this->isURL && (! ALLOW_EXTERNAL)){ |
---|
| 223 | $this->error("You are not allowed to fetch images from an external website."); |
---|
| 224 | return false; |
---|
| 225 | } |
---|
| 226 | if($this->isURL){ |
---|
| 227 | if(ALLOW_ALL_EXTERNAL_SITES){ |
---|
| 228 | $this->debug(2, "Fetching from all external sites is enabled."); |
---|
| 229 | } else { |
---|
| 230 | $this->debug(2, "Fetching only from selected external sites is enabled."); |
---|
| 231 | $allowed = false; |
---|
| 232 | foreach($ALLOWED_SITES as $site){ |
---|
| 233 | if (preg_match ('/(?:^|\.)' . $site . '$/i', $this->url['host'])) { |
---|
| 234 | $this->debug(3, "URL hostname {$this->url['host']} matches $site so allowing."); |
---|
| 235 | $allowed = true; |
---|
| 236 | } |
---|
| 237 | } |
---|
| 238 | if(! $allowed){ |
---|
| 239 | return $this->error("You may not fetch images from that site. To enable this site in timthumb, you can either add it to \$ALLOWED_SITES and set ALLOW_EXTERNAL=true. Or you can set ALLOW_ALL_EXTERNAL_SITES=true, depending on your security needs."); |
---|
| 240 | } |
---|
| 241 | } |
---|
| 242 | } |
---|
[11699] | 243 | |
---|
[11944] | 244 | $cachePrefix = ($this->isURL ? 'timthumb_ext_' : 'timthumb_int_'); |
---|
| 245 | if($this->isURL){ |
---|
| 246 | $this->cachefile = $this->cacheDirectory . '/' . $cachePrefix . md5($this->salt . $_SERVER ['QUERY_STRING'] . $this->fileCacheVersion) . FILE_CACHE_SUFFIX; |
---|
[11699] | 247 | } else { |
---|
[11944] | 248 | $this->localImage = $this->getLocalImagePath($this->src); |
---|
| 249 | if(! $this->localImage){ |
---|
| 250 | $this->debug(1, "Could not find the local image: {$this->localImage}"); |
---|
| 251 | $this->error("Could not find the internal image you specified."); |
---|
| 252 | $this->set404(); |
---|
| 253 | return false; |
---|
| 254 | } |
---|
| 255 | $this->debug(1, "Local image path is {$this->localImage}"); |
---|
| 256 | $this->localImageMTime = @filemtime($this->localImage); |
---|
| 257 | //We include the mtime of the local file in case in changes on disk. |
---|
| 258 | $this->cachefile = $this->cacheDirectory . '/' . $cachePrefix . md5($this->salt . $this->localImageMTime . $_SERVER ['QUERY_STRING'] . $this->fileCacheVersion) . FILE_CACHE_SUFFIX; |
---|
[11699] | 259 | } |
---|
[11944] | 260 | $this->debug(2, "Cache file is: " . $this->cachefile); |
---|
[11699] | 261 | |
---|
[11944] | 262 | return true; |
---|
[11699] | 263 | } |
---|
[11944] | 264 | public function __destruct(){ |
---|
| 265 | foreach($this->toDeletes as $del){ |
---|
| 266 | $this->debug(2, "Deleting temp file $del"); |
---|
| 267 | @unlink($del); |
---|
| 268 | } |
---|
| 269 | } |
---|
| 270 | public function run(){ |
---|
| 271 | if($this->isURL){ |
---|
| 272 | if(! ALLOW_EXTERNAL){ |
---|
| 273 | $this->debug(1, "Got a request for an external image but ALLOW_EXTERNAL is disabled so returning error msg."); |
---|
| 274 | $this->error("You are not allowed to fetch images from an external website."); |
---|
| 275 | return false; |
---|
| 276 | } |
---|
| 277 | $this->debug(3, "Got request for external image. Starting serveExternalImage."); |
---|
| 278 | if($this->param('webshot')){ |
---|
| 279 | if(WEBSHOT_ENABLED){ |
---|
| 280 | $this->debug(3, "webshot param is set, so we're going to take a webshot."); |
---|
| 281 | $this->serveWebshot(); |
---|
| 282 | } else { |
---|
| 283 | $this->error("You added the webshot parameter but webshots are disabled on this server. You need to set WEBSHOT_ENABLED == true to enable webshots."); |
---|
| 284 | } |
---|
| 285 | } else { |
---|
| 286 | $this->debug(3, "webshot is NOT set so we're going to try to fetch a regular image."); |
---|
| 287 | $this->serveExternalImage(); |
---|
[11699] | 288 | |
---|
[11944] | 289 | } |
---|
| 290 | } else { |
---|
| 291 | $this->debug(3, "Got request for internal image. Starting serveInternalImage()"); |
---|
| 292 | $this->serveInternalImage(); |
---|
[11699] | 293 | } |
---|
[11944] | 294 | return true; |
---|
| 295 | } |
---|
| 296 | protected function handleErrors(){ |
---|
| 297 | if($this->haveErrors()){ |
---|
| 298 | if(NOT_FOUND_IMAGE && $this->is404()){ |
---|
| 299 | if($this->serveImg(NOT_FOUND_IMAGE)){ |
---|
| 300 | exit(0); |
---|
| 301 | } else { |
---|
| 302 | $this->error("Additionally, the 404 image that is configured could not be found or there was an error serving it."); |
---|
| 303 | } |
---|
| 304 | } |
---|
| 305 | if(ERROR_IMAGE){ |
---|
| 306 | if($this->serveImg(ERROR_IMAGE)){ |
---|
| 307 | exit(0); |
---|
| 308 | } else { |
---|
| 309 | $this->error("Additionally, the error image that is configured could not be found or there was an error serving it."); |
---|
| 310 | } |
---|
| 311 | } |
---|
| 312 | |
---|
| 313 | $this->serveErrors(); |
---|
| 314 | exit(0); |
---|
| 315 | } |
---|
| 316 | return false; |
---|
| 317 | } |
---|
| 318 | protected function tryBrowserCache(){ |
---|
| 319 | if(BROWSER_CACHE_DISABLE){ $this->debug(3, "Browser caching is disabled"); return false; } |
---|
| 320 | if(!empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) ){ |
---|
| 321 | $this->debug(3, "Got a conditional get"); |
---|
| 322 | $mtime = false; |
---|
| 323 | //We've already checked if the real file exists in the constructor |
---|
| 324 | if(! is_file($this->cachefile)){ |
---|
| 325 | //If we don't have something cached, regenerate the cached image. |
---|
| 326 | return false; |
---|
| 327 | } |
---|
| 328 | if($this->localImageMTime){ |
---|
| 329 | $mtime = $this->localImageMTime; |
---|
| 330 | $this->debug(3, "Local real file's modification time is $mtime"); |
---|
| 331 | } else if(is_file($this->cachefile)){ //If it's not a local request then use the mtime of the cached file to determine the 304 |
---|
| 332 | $mtime = @filemtime($this->cachefile); |
---|
| 333 | $this->debug(3, "Cached file's modification time is $mtime"); |
---|
| 334 | } |
---|
| 335 | if(! $mtime){ return false; } |
---|
[11699] | 336 | |
---|
[11944] | 337 | $iftime = strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']); |
---|
| 338 | $this->debug(3, "The conditional get's if-modified-since unixtime is $iftime"); |
---|
| 339 | if($iftime < 1){ |
---|
| 340 | $this->debug(3, "Got an invalid conditional get modified since time. Returning false."); |
---|
| 341 | return false; |
---|
[11699] | 342 | } |
---|
[11944] | 343 | if($iftime < $mtime){ //Real file or cache file has been modified since last request, so force refetch. |
---|
| 344 | $this->debug(3, "File has been modified since last fetch."); |
---|
| 345 | return false; |
---|
| 346 | } else { //Otherwise serve a 304 |
---|
| 347 | $this->debug(3, "File has not been modified since last get, so serving a 304."); |
---|
| 348 | header ('HTTP/1.1 304 Not Modified'); |
---|
| 349 | $this->debug(1, "Returning 304 not modified"); |
---|
| 350 | return true; |
---|
[11699] | 351 | } |
---|
[11944] | 352 | } |
---|
| 353 | return false; |
---|
| 354 | } |
---|
| 355 | protected function tryServerCache(){ |
---|
| 356 | $this->debug(3, "Trying server cache"); |
---|
| 357 | if(file_exists($this->cachefile)){ |
---|
| 358 | $this->debug(3, "Cachefile {$this->cachefile} exists"); |
---|
| 359 | if($this->isURL){ |
---|
| 360 | $this->debug(3, "This is an external request, so checking if the cachefile is empty which means the request failed previously."); |
---|
| 361 | if(filesize($this->cachefile) < 1){ |
---|
| 362 | $this->debug(3, "Found an empty cachefile indicating a failed earlier request. Checking how old it is."); |
---|
| 363 | //Fetching error occured previously |
---|
| 364 | if(time() - @filemtime($this->cachefile) > WAIT_BETWEEN_FETCH_ERRORS){ |
---|
| 365 | $this->debug(3, "File is older than " . WAIT_BETWEEN_FETCH_ERRORS . " seconds. Deleting and returning false so app can try and load file."); |
---|
| 366 | @unlink($this->cachefile); |
---|
| 367 | return false; //to indicate we didn't serve from cache and app should try and load |
---|
| 368 | } else { |
---|
| 369 | $this->debug(3, "Empty cachefile is still fresh so returning message saying we had an error fetching this image from remote host."); |
---|
| 370 | $this->set404(); |
---|
| 371 | $this->error("An error occured fetching image."); |
---|
| 372 | return false; |
---|
| 373 | } |
---|
| 374 | } |
---|
| 375 | } else { |
---|
| 376 | $this->debug(3, "Trying to serve cachefile {$this->cachefile}"); |
---|
[11699] | 377 | } |
---|
[11944] | 378 | if($this->serveCacheFile()){ |
---|
| 379 | $this->debug(3, "Succesfully served cachefile {$this->cachefile}"); |
---|
| 380 | return true; |
---|
| 381 | } else { |
---|
| 382 | $this->debug(3, "Failed to serve cachefile {$this->cachefile} - Deleting it from cache."); |
---|
| 383 | //Image serving failed. We can't retry at this point, but lets remove it from cache so the next request recreates it |
---|
| 384 | @unlink($this->cachefile); |
---|
| 385 | return true; |
---|
[11699] | 386 | } |
---|
| 387 | } |
---|
[11944] | 388 | } |
---|
| 389 | protected function error($err){ |
---|
| 390 | $this->debug(3, "Adding error message: $err"); |
---|
| 391 | $this->errors[] = $err; |
---|
| 392 | return false; |
---|
[11699] | 393 | |
---|
[11944] | 394 | } |
---|
| 395 | protected function haveErrors(){ |
---|
| 396 | if(sizeof($this->errors) > 0){ |
---|
| 397 | return true; |
---|
| 398 | } |
---|
| 399 | return false; |
---|
| 400 | } |
---|
| 401 | protected function serveErrors(){ |
---|
| 402 | $html = '<ul>'; |
---|
| 403 | foreach($this->errors as $err){ |
---|
| 404 | $html .= '<li>' . htmlentities($err) . '</li>'; |
---|
| 405 | } |
---|
| 406 | $html .= '</ul>'; |
---|
| 407 | header ('HTTP/1.1 400 Bad Request'); |
---|
| 408 | echo '<h1>A TimThumb error has occured</h1>The following error(s) occured:<br />' . $html . '<br />'; |
---|
| 409 | echo '<br />Query String : ' . htmlentities ($_SERVER['QUERY_STRING']); |
---|
| 410 | echo '<br />TimThumb version : ' . VERSION . '</pre>'; |
---|
| 411 | } |
---|
| 412 | protected function serveInternalImage(){ |
---|
| 413 | $this->debug(3, "Local image path is $this->localImage"); |
---|
| 414 | if(! $this->localImage){ |
---|
| 415 | $this->sanityFail("localImage not set after verifying it earlier in the code."); |
---|
| 416 | return false; |
---|
| 417 | } |
---|
| 418 | $fileSize = filesize($this->localImage); |
---|
| 419 | if($fileSize > MAX_FILE_SIZE){ |
---|
| 420 | $this->error("The file you specified is greater than the maximum allowed file size."); |
---|
| 421 | return false; |
---|
| 422 | } |
---|
| 423 | if($fileSize <= 0){ |
---|
| 424 | $this->error("The file you specified is <= 0 bytes."); |
---|
| 425 | return false; |
---|
| 426 | } |
---|
| 427 | $this->debug(3, "Calling processImageAndWriteToCache() for local image."); |
---|
| 428 | if($this->processImageAndWriteToCache($this->localImage)){ |
---|
| 429 | $this->serveCacheFile(); |
---|
| 430 | return true; |
---|
| 431 | } else { |
---|
| 432 | return false; |
---|
| 433 | } |
---|
| 434 | } |
---|
| 435 | protected function cleanCache(){ |
---|
| 436 | $this->debug(3, "cleanCache() called"); |
---|
| 437 | $lastCleanFile = $this->cacheDirectory . '/timthumb_cacheLastCleanTime.touch'; |
---|
| 438 | |
---|
| 439 | //If this is a new timthumb installation we need to create the file |
---|
| 440 | if(! is_file($lastCleanFile)){ |
---|
| 441 | $this->debug(1, "File tracking last clean doesn't exist. Creating $lastCleanFile"); |
---|
| 442 | touch($lastCleanFile); |
---|
| 443 | return; |
---|
| 444 | } |
---|
| 445 | if(@filemtime($lastCleanFile) < (time() - FILE_CACHE_TIME_BETWEEN_CLEANS) ){ //Cache was last cleaned more than 1 day ago |
---|
| 446 | $this->debug(1, "Cache was last cleaned more than " . FILE_CACHE_TIME_BETWEEN_CLEANS . " seconds ago. Cleaning now."); |
---|
| 447 | // Very slight race condition here, but worst case we'll have 2 or 3 servers cleaning the cache simultaneously once a day. |
---|
| 448 | touch($lastCleanFile); |
---|
| 449 | $files = glob($this->cacheDirectory . '/*' . FILE_CACHE_SUFFIX); |
---|
| 450 | $timeAgo = time() - FILE_CACHE_MAX_FILE_AGE; |
---|
| 451 | foreach($files as $file){ |
---|
| 452 | if(@filemtime($file) < $timeAgo){ |
---|
| 453 | $this->debug(3, "Deleting cache file $file older than max age: " . FILE_CACHE_MAX_FILE_AGE . " seconds"); |
---|
| 454 | @unlink($file); |
---|
| 455 | } |
---|
| 456 | } |
---|
| 457 | return true; |
---|
| 458 | } else { |
---|
| 459 | $this->debug(3, "Cache was cleaned less than " . FILE_CACHE_TIME_BETWEEN_CLEANS . " seconds ago so no cleaning needed."); |
---|
| 460 | } |
---|
| 461 | return false; |
---|
| 462 | } |
---|
| 463 | protected function processImageAndWriteToCache($localImage){ |
---|
| 464 | $sData = getimagesize($localImage); |
---|
| 465 | $origType = $sData[2]; |
---|
| 466 | $mimeType = $sData['mime']; |
---|
[11699] | 467 | |
---|
[11944] | 468 | $this->debug(3, "Mime type of image is $mimeType"); |
---|
| 469 | if(! preg_match('/^image\/(?:gif|jpg|jpeg|png)$/i', $mimeType)){ |
---|
| 470 | return $this->error("The image being resized is not a valid gif, jpg or png."); |
---|
| 471 | } |
---|
[11699] | 472 | |
---|
[11944] | 473 | if (!function_exists ('imagecreatetruecolor')) { |
---|
| 474 | return $this->error('GD Library Error: imagecreatetruecolor does not exist - please contact your webhost and ask them to install the GD library'); |
---|
| 475 | } |
---|
[11699] | 476 | |
---|
[11944] | 477 | if (function_exists ('imagefilter') && defined ('IMG_FILTER_NEGATE')) { |
---|
| 478 | $imageFilters = array ( |
---|
| 479 | 1 => array (IMG_FILTER_NEGATE, 0), |
---|
| 480 | 2 => array (IMG_FILTER_GRAYSCALE, 0), |
---|
| 481 | 3 => array (IMG_FILTER_BRIGHTNESS, 1), |
---|
| 482 | 4 => array (IMG_FILTER_CONTRAST, 1), |
---|
| 483 | 5 => array (IMG_FILTER_COLORIZE, 4), |
---|
| 484 | 6 => array (IMG_FILTER_EDGEDETECT, 0), |
---|
| 485 | 7 => array (IMG_FILTER_EMBOSS, 0), |
---|
| 486 | 8 => array (IMG_FILTER_GAUSSIAN_BLUR, 0), |
---|
| 487 | 9 => array (IMG_FILTER_SELECTIVE_BLUR, 0), |
---|
| 488 | 10 => array (IMG_FILTER_MEAN_REMOVAL, 0), |
---|
| 489 | 11 => array (IMG_FILTER_SMOOTH, 0), |
---|
| 490 | ); |
---|
| 491 | } |
---|
[11699] | 492 | |
---|
[11944] | 493 | // get standard input properties |
---|
| 494 | $new_width = (int) abs ($this->param('w', 0)); |
---|
| 495 | $new_height = (int) abs ($this->param('h', 0)); |
---|
| 496 | $zoom_crop = (int) $this->param('zc', 1); |
---|
| 497 | $quality = (int) abs ($this->param('q', 90)); |
---|
| 498 | $align = $this->cropTop ? 't' : $this->param('a', 'c'); |
---|
| 499 | $filters = $this->param('f', ''); |
---|
| 500 | $sharpen = (bool) $this->param('s', 0); |
---|
| 501 | $canvas_color = $this->param('cc', 'ffffff'); |
---|
[11699] | 502 | |
---|
[11944] | 503 | // set default width and height if neither are set already |
---|
| 504 | if ($new_width == 0 && $new_height == 0) { |
---|
| 505 | $new_width = 100; |
---|
| 506 | $new_height = 100; |
---|
| 507 | } |
---|
[11699] | 508 | |
---|
[11944] | 509 | // ensure size limits can not be abused |
---|
| 510 | $new_width = min ($new_width, MAX_WIDTH); |
---|
| 511 | $new_height = min ($new_height, MAX_HEIGHT); |
---|
[11699] | 512 | |
---|
[11944] | 513 | // set memory limit to be able to have enough space to resize larger images |
---|
| 514 | $this->setMemoryLimit(); |
---|
[11699] | 515 | |
---|
[11944] | 516 | // open the existing image |
---|
| 517 | $image = $this->openImage ($mimeType, $localImage); |
---|
| 518 | if ($image === false) { |
---|
| 519 | return $this->error('Unable to open image.'); |
---|
| 520 | } |
---|
[11699] | 521 | |
---|
[11944] | 522 | // Get original width and height |
---|
| 523 | $width = imagesx ($image); |
---|
| 524 | $height = imagesy ($image); |
---|
| 525 | $origin_x = 0; |
---|
| 526 | $origin_y = 0; |
---|
[11699] | 527 | |
---|
[11944] | 528 | // generate new w/h if not provided |
---|
| 529 | if ($new_width && !$new_height) { |
---|
| 530 | $new_height = floor ($height * ($new_width / $width)); |
---|
| 531 | } else if ($new_height && !$new_width) { |
---|
| 532 | $new_width = floor ($width * ($new_height / $height)); |
---|
| 533 | } |
---|
[11699] | 534 | |
---|
[11944] | 535 | // scale down and add borders |
---|
| 536 | if ($zoom_crop == 3) { |
---|
[11699] | 537 | |
---|
[11944] | 538 | $final_height = $height * ($new_width / $width); |
---|
[11699] | 539 | |
---|
[11944] | 540 | if ($final_height > $new_height) { |
---|
| 541 | $new_width = $width * ($new_height / $height); |
---|
| 542 | } else { |
---|
| 543 | $new_height = $final_height; |
---|
| 544 | } |
---|
[11699] | 545 | |
---|
[11944] | 546 | } |
---|
[11699] | 547 | |
---|
[11944] | 548 | // create a new true color image |
---|
| 549 | $canvas = imagecreatetruecolor ($new_width, $new_height); |
---|
| 550 | imagealphablending ($canvas, false); |
---|
[11699] | 551 | |
---|
[11944] | 552 | if (strlen ($canvas_color) < 6) { |
---|
| 553 | $canvas_color = 'ffffff'; |
---|
| 554 | } |
---|
[11699] | 555 | |
---|
[11944] | 556 | $canvas_color_R = hexdec (substr ($canvas_color, 0, 2)); |
---|
| 557 | $canvas_color_G = hexdec (substr ($canvas_color, 2, 2)); |
---|
| 558 | $canvas_color_B = hexdec (substr ($canvas_color, 2, 2)); |
---|
[11699] | 559 | |
---|
[11944] | 560 | // Create a new transparent color for image |
---|
| 561 | $color = imagecolorallocatealpha ($canvas, $canvas_color_R, $canvas_color_G, $canvas_color_B, 127); |
---|
[11699] | 562 | |
---|
[11944] | 563 | // Completely fill the background of the new image with allocated color. |
---|
| 564 | imagefill ($canvas, 0, 0, $color); |
---|
[11699] | 565 | |
---|
[11944] | 566 | // scale down and add borders |
---|
| 567 | if ($zoom_crop == 2) { |
---|
[11699] | 568 | |
---|
[11944] | 569 | $final_height = $height * ($new_width / $width); |
---|
[11699] | 570 | |
---|
[11944] | 571 | if ($final_height > $new_height) { |
---|
[11699] | 572 | |
---|
[11944] | 573 | $origin_x = $new_width / 2; |
---|
| 574 | $new_width = $width * ($new_height / $height); |
---|
| 575 | $origin_x = round ($origin_x - ($new_width / 2)); |
---|
[11699] | 576 | |
---|
[11944] | 577 | } else { |
---|
[11699] | 578 | |
---|
[11944] | 579 | $origin_y = $new_height / 2; |
---|
| 580 | $new_height = $final_height; |
---|
| 581 | $origin_y = round ($origin_y - ($new_height / 2)); |
---|
[11699] | 582 | |
---|
[11944] | 583 | } |
---|
[11699] | 584 | |
---|
[11944] | 585 | } |
---|
[11699] | 586 | |
---|
[11944] | 587 | // Restore transparency blending |
---|
| 588 | imagesavealpha ($canvas, true); |
---|
[11699] | 589 | |
---|
[11944] | 590 | if ($zoom_crop > 0) { |
---|
[11699] | 591 | |
---|
[11944] | 592 | $src_x = $src_y = 0; |
---|
| 593 | $src_w = $width; |
---|
| 594 | $src_h = $height; |
---|
[11699] | 595 | |
---|
[11944] | 596 | $cmp_x = $width / $new_width; |
---|
| 597 | $cmp_y = $height / $new_height; |
---|
[11699] | 598 | |
---|
[11944] | 599 | // calculate x or y coordinate and width or height of source |
---|
| 600 | if ($cmp_x > $cmp_y) { |
---|
[11699] | 601 | |
---|
[11944] | 602 | $src_w = round ($width / $cmp_x * $cmp_y); |
---|
| 603 | $src_x = round (($width - ($width / $cmp_x * $cmp_y)) / 2); |
---|
[11699] | 604 | |
---|
[11944] | 605 | } else if ($cmp_y > $cmp_x) { |
---|
[11699] | 606 | |
---|
[11944] | 607 | $src_h = round ($height / $cmp_y * $cmp_x); |
---|
| 608 | $src_y = round (($height - ($height / $cmp_y * $cmp_x)) / 2); |
---|
[11699] | 609 | |
---|
[11944] | 610 | } |
---|
[11699] | 611 | |
---|
[11944] | 612 | // positional cropping! |
---|
| 613 | if ($align) { |
---|
| 614 | if (strpos ($align, 't') !== false) { |
---|
| 615 | $src_y = 0; |
---|
| 616 | } |
---|
| 617 | if (strpos ($align, 'b') !== false) { |
---|
| 618 | $src_y = $height - $src_h; |
---|
| 619 | } |
---|
| 620 | if (strpos ($align, 'l') !== false) { |
---|
| 621 | $src_x = 0; |
---|
| 622 | } |
---|
| 623 | if (strpos ($align, 'r') !== false) { |
---|
| 624 | $src_x = $width - $src_w; |
---|
| 625 | } |
---|
| 626 | } |
---|
[11699] | 627 | |
---|
[11944] | 628 | imagecopyresampled ($canvas, $image, $origin_x, $origin_y, $src_x, $src_y, $new_width, $new_height, $src_w, $src_h); |
---|
[11699] | 629 | |
---|
[11944] | 630 | } else { |
---|
[11699] | 631 | |
---|
[11944] | 632 | // copy and resize part of an image with resampling |
---|
| 633 | imagecopyresampled ($canvas, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height); |
---|
[11699] | 634 | |
---|
[11944] | 635 | } |
---|
[11699] | 636 | |
---|
[11944] | 637 | if ($filters != '' && function_exists ('imagefilter') && defined ('IMG_FILTER_NEGATE')) { |
---|
| 638 | // apply filters to image |
---|
| 639 | $filterList = explode ('|', $filters); |
---|
| 640 | foreach ($filterList as $fl) { |
---|
[11699] | 641 | |
---|
[11944] | 642 | $filterSettings = explode (',', $fl); |
---|
| 643 | if (isset ($imageFilters[$filterSettings[0]])) { |
---|
[11699] | 644 | |
---|
[11944] | 645 | for ($i = 0; $i < 4; $i ++) { |
---|
| 646 | if (!isset ($filterSettings[$i])) { |
---|
| 647 | $filterSettings[$i] = null; |
---|
| 648 | } else { |
---|
| 649 | $filterSettings[$i] = (int) $filterSettings[$i]; |
---|
| 650 | } |
---|
| 651 | } |
---|
[11699] | 652 | |
---|
[11944] | 653 | switch ($imageFilters[$filterSettings[0]][1]) { |
---|
[11699] | 654 | |
---|
[11944] | 655 | case 1: |
---|
[11699] | 656 | |
---|
[11944] | 657 | imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1]); |
---|
| 658 | break; |
---|
[11699] | 659 | |
---|
[11944] | 660 | case 2: |
---|
[11699] | 661 | |
---|
[11944] | 662 | imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1], $filterSettings[2]); |
---|
| 663 | break; |
---|
[11699] | 664 | |
---|
[11944] | 665 | case 3: |
---|
[11699] | 666 | |
---|
[11944] | 667 | imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1], $filterSettings[2], $filterSettings[3]); |
---|
| 668 | break; |
---|
[11699] | 669 | |
---|
[11944] | 670 | case 4: |
---|
[11699] | 671 | |
---|
[11944] | 672 | imagefilter ($canvas, $imageFilters[$filterSettings[0]][0], $filterSettings[1], $filterSettings[2], $filterSettings[3], $filterSettings[4]); |
---|
| 673 | break; |
---|
[11699] | 674 | |
---|
[11944] | 675 | default: |
---|
[11699] | 676 | |
---|
[11944] | 677 | imagefilter ($canvas, $imageFilters[$filterSettings[0]][0]); |
---|
| 678 | break; |
---|
[11699] | 679 | |
---|
[11944] | 680 | } |
---|
| 681 | } |
---|
[11699] | 682 | } |
---|
| 683 | } |
---|
| 684 | |
---|
[11944] | 685 | // sharpen image |
---|
| 686 | if ($sharpen && function_exists ('imageconvolution')) { |
---|
[11699] | 687 | |
---|
[11944] | 688 | $sharpenMatrix = array ( |
---|
| 689 | array (-1,-1,-1), |
---|
| 690 | array (-1,16,-1), |
---|
| 691 | array (-1,-1,-1), |
---|
| 692 | ); |
---|
[11699] | 693 | |
---|
[11944] | 694 | $divisor = 8; |
---|
| 695 | $offset = 0; |
---|
[11699] | 696 | |
---|
[11944] | 697 | imageconvolution ($canvas, $sharpenMatrix, $divisor, $offset); |
---|
[11699] | 698 | |
---|
[11944] | 699 | } |
---|
| 700 | //Straight from Wordpress core code. Reduces filesize by up to 70% for PNG's |
---|
| 701 | if ( (IMAGETYPE_PNG == $origType || IMAGETYPE_GIF == $origType) && function_exists('imageistruecolor') && !imageistruecolor( $image ) ){ |
---|
| 702 | imagetruecolortopalette( $canvas, false, imagecolorstotal( $image ) ); |
---|
| 703 | } |
---|
[11699] | 704 | |
---|
[11944] | 705 | $imgType = ""; |
---|
| 706 | $tempfile = tempnam($this->cacheDirectory, 'timthumb_tmpimg_'); |
---|
| 707 | if(preg_match('/^image\/(?:jpg|jpeg)$/i', $mimeType)){ |
---|
| 708 | $imgType = 'jpg'; |
---|
| 709 | imagejpeg($canvas, $tempfile, $quality); |
---|
| 710 | } else if(preg_match('/^image\/png$/i', $mimeType)){ |
---|
| 711 | $imgType = 'png'; |
---|
| 712 | imagepng($canvas, $tempfile, floor($quality * 0.09)); |
---|
| 713 | } else if(preg_match('/^image\/gif$/i', $mimeType)){ |
---|
| 714 | $imgType = 'gif'; |
---|
| 715 | imagegif($canvas, $tempfile); |
---|
| 716 | } else { |
---|
| 717 | return $this->sanityFail("Could not match mime type after verifying it previously."); |
---|
| 718 | } |
---|
[11699] | 719 | |
---|
[11944] | 720 | if($imgType == 'png' && OPTIPNG_ENABLED && OPTIPNG_PATH && @is_file(OPTIPNG_PATH)){ |
---|
| 721 | $exec = OPTIPNG_PATH; |
---|
| 722 | $this->debug(3, "optipng'ing $tempfile"); |
---|
| 723 | $presize = filesize($tempfile); |
---|
| 724 | $out = `$exec -o1 $tempfile`; //you can use up to -o7 but it really slows things down |
---|
| 725 | clearstatcache(); |
---|
| 726 | $aftersize = filesize($tempfile); |
---|
| 727 | $sizeDrop = $presize - $aftersize; |
---|
| 728 | if($sizeDrop > 0){ |
---|
| 729 | $this->debug(1, "optipng reduced size by $sizeDrop"); |
---|
| 730 | } else if($sizeDrop < 0){ |
---|
| 731 | $this->debug(1, "optipng increased size! Difference was: $sizeDrop"); |
---|
| 732 | } else { |
---|
| 733 | $this->debug(1, "optipng did not change image size."); |
---|
| 734 | } |
---|
| 735 | } else if($imgType == 'png' && PNGCRUSH_ENABLED && PNGCRUSH_PATH && @is_file(PNGCRUSH_PATH)){ |
---|
| 736 | $exec = PNGCRUSH_PATH; |
---|
| 737 | $tempfile2 = tempnam($this->cacheDirectory, 'timthumb_tmpimg_'); |
---|
| 738 | $this->debug(3, "pngcrush'ing $tempfile to $tempfile2"); |
---|
| 739 | $out = `$exec $tempfile $tempfile2`; |
---|
| 740 | $todel = ""; |
---|
| 741 | if(is_file($tempfile2)){ |
---|
| 742 | $sizeDrop = filesize($tempfile) - filesize($tempfile2); |
---|
| 743 | if($sizeDrop > 0){ |
---|
| 744 | $this->debug(1, "pngcrush was succesful and gave a $sizeDrop byte size reduction"); |
---|
| 745 | $todel = $tempfile; |
---|
| 746 | $tempfile = $tempfile2; |
---|
| 747 | } else { |
---|
| 748 | $this->debug(1, "pngcrush did not reduce file size. Difference was $sizeDrop bytes."); |
---|
| 749 | $todel = $tempfile2; |
---|
| 750 | } |
---|
| 751 | } else { |
---|
| 752 | $this->debug(3, "pngcrush failed with output: $out"); |
---|
| 753 | $todel = $tempfile2; |
---|
| 754 | } |
---|
| 755 | @unlink($todel); |
---|
| 756 | } |
---|
[11699] | 757 | |
---|
[11944] | 758 | $this->debug(3, "Rewriting image with security header."); |
---|
| 759 | $tempfile4 = tempnam($this->cacheDirectory, 'timthumb_tmpimg_'); |
---|
| 760 | $context = stream_context_create (); |
---|
| 761 | $fp = fopen($tempfile,'r',0,$context); |
---|
| 762 | file_put_contents($tempfile4, $this->filePrependSecurityBlock . $imgType . ' ?' . '>'); //6 extra bytes, first 3 being image type |
---|
| 763 | file_put_contents($tempfile4, $fp, FILE_APPEND); |
---|
| 764 | fclose($fp); |
---|
| 765 | @unlink($tempfile); |
---|
| 766 | $this->debug(3, "Locking and replacing cache file."); |
---|
| 767 | $lockFile = $this->cachefile . '.lock'; |
---|
| 768 | $fh = fopen($lockFile, 'w'); |
---|
| 769 | if(! $fh){ |
---|
| 770 | return $this->error("Could not open the lockfile for writing an image."); |
---|
| 771 | } |
---|
| 772 | if(flock($fh, LOCK_EX)){ |
---|
| 773 | @unlink($this->cachefile); //rename generally overwrites, but doing this in case of platform specific quirks. File might not exist yet. |
---|
| 774 | rename($tempfile4, $this->cachefile); |
---|
| 775 | flock($fh, LOCK_UN); |
---|
| 776 | fclose($fh); |
---|
| 777 | @unlink($lockFile); |
---|
| 778 | } else { |
---|
| 779 | fclose($fh); |
---|
| 780 | @unlink($lockFile); |
---|
| 781 | @unlink($tempfile4); |
---|
| 782 | return $this->error("Could not get a lock for writing."); |
---|
| 783 | } |
---|
| 784 | $this->debug(3, "Done image replace with security header. Cleaning up and running cleanCache()"); |
---|
| 785 | imagedestroy($canvas); |
---|
| 786 | return true; |
---|
[11699] | 787 | } |
---|
[11944] | 788 | protected function calcDocRoot(){ |
---|
| 789 | $docRoot = @$_SERVER['DOCUMENT_ROOT']; |
---|
| 790 | if(!isset($docRoot)){ |
---|
| 791 | $this->debug(3, "DOCUMENT_ROOT is not set. This is probably windows. Starting search 1."); |
---|
| 792 | if(isset($_SERVER['SCRIPT_FILENAME'])){ |
---|
| 793 | $docRoot = str_replace( '\\', '/', substr($_SERVER['SCRIPT_FILENAME'], 0, 0-strlen($_SERVER['PHP_SELF']))); |
---|
| 794 | $this->debug(3, "Generated docRoot using SCRIPT_FILENAME and PHP_SELF as: $docRoot"); |
---|
| 795 | } |
---|
| 796 | } |
---|
| 797 | if(!isset($docRoot)){ |
---|
| 798 | $this->debug(3, "DOCUMENT_ROOT still is not set. Starting search 2."); |
---|
| 799 | if(isset($_SERVER['PATH_TRANSLATED'])){ |
---|
| 800 | $docRoot = str_replace( '\\', '/', substr(str_replace('\\\\', '\\', $_SERVER['PATH_TRANSLATED']), 0, 0-strlen($_SERVER['PHP_SELF']))); |
---|
| 801 | $this->debug(3, "Generated docRoot using PATH_TRANSLATED and PHP_SELF as: $docRoot"); |
---|
| 802 | } |
---|
| 803 | } |
---|
| 804 | if($docRoot){ $docRoot = preg_replace('/\/$/', '', $docRoot); } |
---|
| 805 | $this->debug(3, "Doc root is: " . $docRoot); |
---|
| 806 | $this->docRoot = $docRoot; |
---|
[11699] | 807 | |
---|
| 808 | } |
---|
[11944] | 809 | protected function getLocalImagePath($src){ |
---|
| 810 | $src = preg_replace('/^\//', '', $src); //strip off the leading '/' |
---|
| 811 | $realDocRoot = realpath($this->docRoot); //See issue 224. Using realpath as a windows fix. |
---|
| 812 | if(! $this->docRoot){ |
---|
| 813 | $this->debug(3, "We have no document root set, so as a last resort, lets check if the image is in the current dir and serve that."); |
---|
| 814 | //We don't support serving images outside the current dir if we don't have a doc root for security reasons. |
---|
| 815 | $file = preg_replace('/^.*?([^\/\\\\]+)$/', '$1', $src); //strip off any path info and just leave the filename. |
---|
| 816 | if(is_file($file)){ |
---|
| 817 | return realpath($file); |
---|
| 818 | } |
---|
| 819 | return $this->error("Could not find your website document root and the file specified doesn't exist in timthumbs directory. We don't support serving files outside timthumb's directory without a document root for security reasons."); |
---|
| 820 | } //Do not go past this point without docRoot set |
---|
[11699] | 821 | |
---|
[11944] | 822 | //Try src under docRoot |
---|
| 823 | if(file_exists ($this->docRoot . '/' . $src)) { |
---|
| 824 | $this->debug(3, "Found file as " . $this->docRoot . '/' . $src); |
---|
| 825 | $real = realpath($this->docRoot . '/' . $src); |
---|
| 826 | if(strpos($real, $realDocRoot) === 0){ |
---|
| 827 | return $real; |
---|
| 828 | } else { |
---|
| 829 | $this->debug(1, "Security block: The file specified occurs outside the document root."); |
---|
| 830 | //allow search to continue |
---|
[11699] | 831 | } |
---|
| 832 | } |
---|
[11944] | 833 | //Check absolute paths and then verify the real path is under doc root |
---|
| 834 | $absolute = realpath('/' . $src); |
---|
| 835 | if($absolute && file_exists($absolute)){ //realpath does file_exists check, so can probably skip the exists check here |
---|
| 836 | $this->debug(3, "Found absolute path: $absolute"); |
---|
| 837 | if(! $this->docRoot){ $this->sanityFail("docRoot not set when checking absolute path."); } |
---|
| 838 | if(strpos($absolute, $realDocRoot) === 0){ |
---|
| 839 | return $absolute; |
---|
| 840 | } else { |
---|
| 841 | $this->debug(1, "Security block: The file specified occurs outside the document root."); |
---|
| 842 | //and continue search |
---|
| 843 | } |
---|
| 844 | } |
---|
| 845 | $base = $this->docRoot; |
---|
| 846 | foreach (explode('/', str_replace($this->docRoot, '', $_SERVER['SCRIPT_FILENAME'])) as $sub){ |
---|
| 847 | $base .= $sub . '/'; |
---|
| 848 | $this->debug(3, "Trying file as: " . $base . $src); |
---|
| 849 | if(file_exists($base . $src)){ |
---|
| 850 | $this->debug(3, "Found file as: " . $base . $src); |
---|
| 851 | $real = realpath($base . $src); |
---|
| 852 | if(strpos($real, $realDocRoot) === 0){ |
---|
| 853 | return $real; |
---|
| 854 | } else { |
---|
| 855 | $this->debug(1, "Security block: The file specified occurs outside the document root."); |
---|
| 856 | //And continue search |
---|
| 857 | } |
---|
| 858 | } |
---|
| 859 | } |
---|
| 860 | return false; |
---|
[11699] | 861 | } |
---|
[11944] | 862 | protected function toDelete($name){ |
---|
| 863 | $this->debug(3, "Scheduling file $name to delete on destruct."); |
---|
| 864 | $this->toDeletes[] = $name; |
---|
| 865 | } |
---|
| 866 | protected function serveWebshot(){ |
---|
| 867 | $this->debug(3, "Starting serveWebshot"); |
---|
| 868 | $instr = "Please follow the instructions at http://code.google.com/p/timthumb/ to set your server up for taking website screenshots."; |
---|
| 869 | if(! is_file(WEBSHOT_CUTYCAPT)){ |
---|
| 870 | return $this->error("CutyCapt is not installed. $instr"); |
---|
| 871 | } |
---|
| 872 | if(! is_file(WEBSHOT_XVFB)){ |
---|
| 873 | return $this->Error("Xvfb is not installed. $instr"); |
---|
| 874 | } |
---|
| 875 | $cuty = WEBSHOT_CUTYCAPT; |
---|
| 876 | $xv = WEBSHOT_XVFB; |
---|
| 877 | $screenX = WEBSHOT_SCREEN_X; |
---|
| 878 | $screenY = WEBSHOT_SCREEN_Y; |
---|
| 879 | $colDepth = WEBSHOT_COLOR_DEPTH; |
---|
| 880 | $format = WEBSHOT_IMAGE_FORMAT; |
---|
| 881 | $timeout = WEBSHOT_TIMEOUT * 1000; |
---|
| 882 | $ua = WEBSHOT_USER_AGENT; |
---|
| 883 | $jsOn = WEBSHOT_JAVASCRIPT_ON ? 'on' : 'off'; |
---|
| 884 | $javaOn = WEBSHOT_JAVA_ON ? 'on' : 'off'; |
---|
| 885 | $pluginsOn = WEBSHOT_PLUGINS_ON ? 'on' : 'off'; |
---|
| 886 | $proxy = WEBSHOT_PROXY ? ' --http-proxy=' . WEBSHOT_PROXY : ''; |
---|
| 887 | $tempfile = tempnam($this->cacheDirectory, 'timthumb_webshot'); |
---|
| 888 | $url = $this->src; |
---|
| 889 | if(! preg_match('/^https?:\/\/[a-zA-Z0-9\.\-]+/i', $url)){ |
---|
| 890 | return $this->error("Invalid URL supplied."); |
---|
| 891 | } |
---|
| 892 | $url = preg_replace('/[^A-Za-z0-9\-\.\_\~:\/\?\#\[\]\@\!\$\&\'\(\)\*\+\,\;\=]+/', '', $url); //RFC 3986 |
---|
| 893 | //Very important we don't allow injection of shell commands here. URL is between quotes and we are only allowing through chars allowed by a the RFC |
---|
| 894 | // which AFAIKT can't be used for shell injection. |
---|
| 895 | if(WEBSHOT_XVFB_RUNNING){ |
---|
| 896 | putenv('DISPLAY=:100.0'); |
---|
| 897 | $command = "$cuty $proxy --max-wait=$timeout --user-agent=\"$ua\" --javascript=$jsOn --java=$javaOn --plugins=$pluginsOn --js-can-open-windows=off --url=\"$url\" --out-format=$format --out=$tempfile"; |
---|
| 898 | } else { |
---|
| 899 | $command = "$xv --server-args=\"-screen 0, {$screenX}x{$screenY}x{$colDepth}\" $cuty $proxy --max-wait=$timeout --user-agent=\"$ua\" --javascript=$jsOn --java=$javaOn --plugins=$pluginsOn --js-can-open-windows=off --url=\"$url\" --out-format=$format --out=$tempfile"; |
---|
| 900 | } |
---|
| 901 | $this->debug(3, "Executing command: $command"); |
---|
| 902 | $out = `$command`; |
---|
| 903 | $this->debug(3, "Received output: $out"); |
---|
| 904 | if(! is_file($tempfile)){ |
---|
| 905 | $this->set404(); |
---|
| 906 | return $this->error("The command to create a thumbnail failed."); |
---|
| 907 | } |
---|
| 908 | $this->cropTop = true; |
---|
| 909 | if($this->processImageAndWriteToCache($tempfile)){ |
---|
| 910 | $this->debug(3, "Image processed succesfully. Serving from cache"); |
---|
| 911 | return $this->serveCacheFile(); |
---|
| 912 | } else { |
---|
| 913 | return false; |
---|
| 914 | } |
---|
| 915 | } |
---|
| 916 | protected function serveExternalImage(){ |
---|
| 917 | if(! preg_match('/^https?:\/\/[a-zA-Z0-9\-\.]+/i', $this->src)){ |
---|
| 918 | $this->error("Invalid URL supplied."); |
---|
| 919 | return false; |
---|
| 920 | } |
---|
| 921 | $tempfile = tempnam($this->cacheDirectory, 'timthumb'); |
---|
| 922 | $this->debug(3, "Fetching external image into temporary file $tempfile"); |
---|
| 923 | $this->toDelete($tempfile); |
---|
| 924 | #fetch file here |
---|
| 925 | if(! $this->getURL($this->src, $tempfile)){ |
---|
| 926 | @unlink($this->cachefile); |
---|
| 927 | touch($this->cachefile); |
---|
| 928 | $this->debug(3, "Error fetching URL: " . $this->lastURLError); |
---|
| 929 | $this->error("Error reading the URL you specified from remote host." . $this->lastURLError); |
---|
| 930 | return false; |
---|
| 931 | } |
---|
[11699] | 932 | |
---|
[11944] | 933 | $mimeType = $this->getMimeType($tempfile); |
---|
| 934 | if(! preg_match("/^image\/(?:jpg|jpeg|gif|png)$/i", $mimeType)){ |
---|
| 935 | $this->debug(3, "Remote file has invalid mime type: $mimeType"); |
---|
| 936 | @unlink($this->cachefile); |
---|
| 937 | touch($this->cachefile); |
---|
| 938 | $this->error("The remote file is not a valid image."); |
---|
| 939 | return false; |
---|
[11699] | 940 | } |
---|
[11944] | 941 | if($this->processImageAndWriteToCache($tempfile)){ |
---|
| 942 | $this->debug(3, "Image processed succesfully. Serving from cache"); |
---|
| 943 | return $this->serveCacheFile(); |
---|
| 944 | } else { |
---|
| 945 | return false; |
---|
| 946 | } |
---|
[11699] | 947 | } |
---|
[11944] | 948 | public static function curlWrite($h, $d){ |
---|
| 949 | fwrite(self::$curlFH, $d); |
---|
| 950 | self::$curlDataWritten += strlen($d); |
---|
| 951 | if(self::$curlDataWritten > MAX_FILE_SIZE){ |
---|
| 952 | return 0; |
---|
| 953 | } else { |
---|
| 954 | return strlen($d); |
---|
| 955 | } |
---|
| 956 | } |
---|
| 957 | protected function serveCacheFile(){ |
---|
| 958 | $this->debug(3, "Serving {$this->cachefile}"); |
---|
| 959 | if(! is_file($this->cachefile)){ |
---|
| 960 | $this->error("serveCacheFile called in timthumb but we couldn't find the cached file."); |
---|
| 961 | return false; |
---|
| 962 | } |
---|
| 963 | $fp = fopen($this->cachefile, 'rb'); |
---|
| 964 | if(! $fp){ return $this->error("Could not open cachefile."); } |
---|
| 965 | fseek($fp, strlen($this->filePrependSecurityBlock), SEEK_SET); |
---|
| 966 | $imgType = fread($fp, 3); |
---|
| 967 | fseek($fp, 3, SEEK_CUR); |
---|
| 968 | if(ftell($fp) != strlen($this->filePrependSecurityBlock) + 6){ |
---|
| 969 | @unlink($this->cachefile); |
---|
| 970 | return $this->error("The cached image file seems to be corrupt."); |
---|
| 971 | } |
---|
| 972 | $imageDataSize = filesize($this->cachefile) - (strlen($this->filePrependSecurityBlock) + 6); |
---|
| 973 | $this->sendImageHeaders($imgType, $imageDataSize); |
---|
| 974 | $bytesSent = @fpassthru($fp); |
---|
| 975 | fclose($fp); |
---|
| 976 | if($bytesSent > 0){ |
---|
| 977 | return true; |
---|
| 978 | } |
---|
| 979 | $content = file_get_contents ($this->cachefile); |
---|
| 980 | if ($content != FALSE) { |
---|
| 981 | $content = substr($content, strlen($this->filePrependSecurityBlock) + 6); |
---|
| 982 | echo $content; |
---|
| 983 | $this->debug(3, "Served using file_get_contents and echo"); |
---|
| 984 | return true; |
---|
| 985 | } else { |
---|
| 986 | $this->error("Cache file could not be loaded."); |
---|
| 987 | return false; |
---|
| 988 | } |
---|
| 989 | } |
---|
| 990 | protected function sendImageHeaders($mimeType, $dataSize){ |
---|
[11699] | 991 | $gmdate_expires = gmdate ('D, d M Y H:i:s', strtotime ('now +10 days')) . ' GMT'; |
---|
| 992 | $gmdate_modified = gmdate ('D, d M Y H:i:s') . ' GMT'; |
---|
| 993 | // send content headers then display image |
---|
[11944] | 994 | header ('Content-Type: ' . $mimeType); |
---|
| 995 | header ('Accept-Ranges: none'); //Changed this because we don't accept range requests |
---|
[11699] | 996 | header ('Last-Modified: ' . $gmdate_modified); |
---|
[11944] | 997 | header ('Content-Length: ' . $dataSize); |
---|
| 998 | if(BROWSER_CACHE_DISABLE){ |
---|
| 999 | $this->debug(3, "Browser cache is disabled so setting non-caching headers."); |
---|
| 1000 | header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
---|
| 1001 | header("Pragma: no-cache"); |
---|
| 1002 | header('Expires: ' . gmdate ('D, d M Y H:i:s', time())); |
---|
| 1003 | } else { |
---|
| 1004 | $this->debug(3, "Browser caching is enabled"); |
---|
| 1005 | header('Cache-Control: max-age=' . BROWSER_CACHE_MAX_AGE . ', must-revalidate'); |
---|
| 1006 | header('Expires: ' . $gmdate_expires); |
---|
[11699] | 1007 | } |
---|
[11944] | 1008 | return true; |
---|
| 1009 | } |
---|
| 1010 | protected function securityChecks(){ |
---|
| 1011 | } |
---|
| 1012 | protected function param($property, $default = ''){ |
---|
| 1013 | if (isset ($_GET[$property])) { |
---|
| 1014 | return $_GET[$property]; |
---|
| 1015 | } else { |
---|
| 1016 | return $default; |
---|
| 1017 | } |
---|
| 1018 | } |
---|
| 1019 | protected function openImage($mimeType, $src){ |
---|
| 1020 | switch ($mimeType) { |
---|
| 1021 | case 'image/jpg': //This isn't a valid mime type so we should probably remove it |
---|
| 1022 | $image = imagecreatefromjpeg ($src); |
---|
| 1023 | break; |
---|
| 1024 | case 'image/jpeg': |
---|
| 1025 | $image = imagecreatefromjpeg ($src); |
---|
| 1026 | break; |
---|
[11699] | 1027 | |
---|
[11944] | 1028 | case 'image/png': |
---|
| 1029 | $image = imagecreatefrompng ($src); |
---|
| 1030 | break; |
---|
[11699] | 1031 | |
---|
[11944] | 1032 | case 'image/gif': |
---|
| 1033 | $image = imagecreatefromgif ($src); |
---|
| 1034 | break; |
---|
| 1035 | } |
---|
[11699] | 1036 | |
---|
[11944] | 1037 | return $image; |
---|
[11699] | 1038 | } |
---|
[11944] | 1039 | protected function getIP(){ |
---|
| 1040 | $rem = @$_SERVER["REMOTE_ADDR"]; |
---|
| 1041 | $ff = @$_SERVER["HTTP_X_FORWARDED_FOR"]; |
---|
| 1042 | $ci = @$_SERVER["HTTP_CLIENT_IP"]; |
---|
| 1043 | if(preg_match('/^(?:192\.168|172\.16|10\.|127\.)/', $rem)){ |
---|
| 1044 | if($ff){ return $ff; } |
---|
| 1045 | if($ci){ return $ci; } |
---|
| 1046 | return $rem; |
---|
| 1047 | } else { |
---|
| 1048 | if($rem){ return $rem; } |
---|
| 1049 | if($ff){ return $ff; } |
---|
| 1050 | if($ci){ return $ci; } |
---|
| 1051 | return "UNKNOWN"; |
---|
| 1052 | } |
---|
| 1053 | } |
---|
| 1054 | protected function debug($level, $msg){ |
---|
| 1055 | if(DEBUG_ON && $level <= DEBUG_LEVEL){ |
---|
| 1056 | $execTime = sprintf('%.6f', microtime(true) - $this->startTime); |
---|
| 1057 | $tick = sprintf('%.6f', 0); |
---|
| 1058 | if($this->lastBenchTime > 0){ |
---|
| 1059 | $tick = sprintf('%.6f', microtime(true) - $this->lastBenchTime); |
---|
[11699] | 1060 | } |
---|
[11944] | 1061 | $this->lastBenchTime = microtime(true); |
---|
| 1062 | error_log("TimThumb Debug line " . __LINE__ . " [$execTime : $tick]: $msg"); |
---|
| 1063 | } |
---|
| 1064 | } |
---|
| 1065 | protected function sanityFail($msg){ |
---|
| 1066 | return $this->error("There is a problem in the timthumb code. Message: Please report this error at <a href='http://code.google.com/p/timthumb/issues/list'>timthumb's bug tracking page</a>: $msg"); |
---|
| 1067 | } |
---|
| 1068 | protected function getMimeType($file){ |
---|
| 1069 | $info = getimagesize($file); |
---|
| 1070 | if(is_array($info) && $info['mime']){ |
---|
| 1071 | return $info['mime']; |
---|
| 1072 | } |
---|
| 1073 | return ''; |
---|
| 1074 | } |
---|
| 1075 | protected function setMemoryLimit(){ |
---|
| 1076 | $inimem = ini_get('memory_limit'); |
---|
| 1077 | $inibytes = timthumb::returnBytes($inimem); |
---|
| 1078 | $ourbytes = timthumb::returnBytes(MEMORY_LIMIT); |
---|
| 1079 | if($inibytes < $ourbytes){ |
---|
| 1080 | ini_set ('memory_limit', MEMORY_LIMIT); |
---|
| 1081 | $this->debug(3, "Increased memory from $inimem to " . MEMORY_LIMIT); |
---|
| 1082 | } else { |
---|
| 1083 | $this->debug(3, "Not adjusting memory size because the current setting is " . $inimem . " and our size of " . MEMORY_LIMIT . " is smaller."); |
---|
| 1084 | } |
---|
| 1085 | } |
---|
| 1086 | protected static function returnBytes($size_str){ |
---|
| 1087 | switch (substr ($size_str, -1)) |
---|
| 1088 | { |
---|
| 1089 | case 'M': case 'm': return (int)$size_str * 1048576; |
---|
| 1090 | case 'K': case 'k': return (int)$size_str * 1024; |
---|
| 1091 | case 'G': case 'g': return (int)$size_str * 1073741824; |
---|
| 1092 | default: return $size_str; |
---|
| 1093 | } |
---|
| 1094 | } |
---|
| 1095 | protected function getURL($url, $tempfile){ |
---|
| 1096 | $this->lastURLError = false; |
---|
| 1097 | $url = preg_replace('/ /', '%20', $url); |
---|
| 1098 | if(function_exists('curl_init')){ |
---|
| 1099 | $this->debug(3, "Curl is installed so using it to fetch URL."); |
---|
| 1100 | self::$curlFH = fopen($tempfile, 'w'); |
---|
| 1101 | if(! self::$curlFH){ |
---|
| 1102 | $this->error("Could not open $tempfile for writing."); |
---|
| 1103 | return false; |
---|
[11699] | 1104 | } |
---|
[11944] | 1105 | self::$curlDataWritten = 0; |
---|
| 1106 | $this->debug(3, "Fetching url with curl: $url"); |
---|
| 1107 | $curl = curl_init($url); |
---|
| 1108 | curl_setopt ($curl, CURLOPT_TIMEOUT, CURL_TIMEOUT); |
---|
| 1109 | curl_setopt ($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30"); |
---|
| 1110 | curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE); |
---|
| 1111 | curl_setopt ($curl, CURLOPT_HEADER, 0); |
---|
| 1112 | curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, FALSE); |
---|
| 1113 | curl_setopt ($curl, CURLOPT_WRITEFUNCTION, 'timthumb::curlWrite'); |
---|
| 1114 | @curl_setopt ($curl, CURLOPT_FOLLOWLOCATION, true); |
---|
| 1115 | @curl_setopt ($curl, CURLOPT_MAXREDIRS, 10); |
---|
| 1116 | |
---|
| 1117 | $curlResult = curl_exec($curl); |
---|
| 1118 | fclose(self::$curlFH); |
---|
| 1119 | $httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE); |
---|
| 1120 | if($httpStatus == 404){ |
---|
| 1121 | $this->set404(); |
---|
| 1122 | } |
---|
| 1123 | if($curlResult){ |
---|
| 1124 | curl_close($curl); |
---|
| 1125 | return true; |
---|
[11699] | 1126 | } else { |
---|
[11944] | 1127 | $this->lastURLError = curl_error($curl); |
---|
| 1128 | curl_close($curl); |
---|
| 1129 | return false; |
---|
[11699] | 1130 | } |
---|
[11944] | 1131 | } else { |
---|
| 1132 | $img = @file_get_contents ($url); |
---|
| 1133 | if($img === false){ |
---|
| 1134 | $err = error_get_last(); |
---|
| 1135 | if(is_array($err) && $err['message']){ |
---|
| 1136 | $this->lastURLError = $err['message']; |
---|
| 1137 | } else { |
---|
| 1138 | $this->lastURLError = $err; |
---|
[11699] | 1139 | } |
---|
[11944] | 1140 | if(preg_match('/404/', $this->lastURLError)){ |
---|
| 1141 | $this->set404(); |
---|
[11699] | 1142 | } |
---|
| 1143 | |
---|
[11944] | 1144 | return false; |
---|
[11699] | 1145 | } |
---|
[11944] | 1146 | if(! file_put_contents($tempfile, $img)){ |
---|
| 1147 | $this->error("Could not write to $tempfile."); |
---|
| 1148 | return false; |
---|
| 1149 | } |
---|
| 1150 | return true; |
---|
[11699] | 1151 | } |
---|
| 1152 | |
---|
| 1153 | } |
---|
[11944] | 1154 | protected function serveImg($file){ |
---|
| 1155 | $s = getimagesize($file); |
---|
| 1156 | if(! ($s && $s['mime'])){ |
---|
| 1157 | return false; |
---|
| 1158 | } |
---|
| 1159 | header ('Content-Type: ' . $s['mime']); |
---|
| 1160 | header ('Content-Length: ' . filesize($file) ); |
---|
| 1161 | header ('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
---|
| 1162 | header ("Pragma: no-cache"); |
---|
| 1163 | $bytes = @readfile($file); |
---|
| 1164 | if($bytes > 0){ |
---|
| 1165 | return true; |
---|
| 1166 | } |
---|
| 1167 | $content = @file_get_contents ($file); |
---|
| 1168 | if ($content != FALSE){ |
---|
| 1169 | echo $content; |
---|
| 1170 | return true; |
---|
| 1171 | } |
---|
| 1172 | return false; |
---|
[11699] | 1173 | |
---|
| 1174 | } |
---|
[11944] | 1175 | protected function set404(){ |
---|
| 1176 | $this->is404 = true; |
---|
[11699] | 1177 | } |
---|
[11944] | 1178 | protected function is404(){ |
---|
| 1179 | return $this->is404; |
---|
[11699] | 1180 | } |
---|
| 1181 | } |
---|
[11944] | 1182 | ?> |
---|