Server : Apache System : Linux indy02.toastserver.com 3.10.0-962.3.2.lve1.5.85.el7.x86_64 #1 SMP Thu Apr 18 15:18:36 UTC 2024 x86_64 User : palandch ( 1163) PHP Version : 7.1.33 Disable Function : NONE Directory : /home/palandch/www/core/model/phpthumb/ |
<?php
/**
* @package modx
* @subpackage phpthumb
*/
require_once MODX_CORE_PATH.'model/phpthumb/phpthumb.class.php';
/**
* Helper class to extend phpThumb and simplify thumbnail generation process
* since phpThumb class is overly convoluted and doesn't do enough.
*
* @package modx
* @subpackage phpthumb
*/
class modPhpThumb extends phpThumb {
function __construct(modX &$modx,array $config = array()) {
$this->modx =& $modx;
$this->config = array_merge(array(
),$config);
parent::__construct();
}
/**
* Setup some site-wide phpthumb options from modx config
*/
public function initialize() {
$cachePath = $this->modx->getOption('core_path',null,MODX_CORE_PATH).'cache/phpthumb/';
if (!is_dir($cachePath)) $this->modx->cacheManager->writeTree($cachePath);
$this->setParameter('config_cache_directory',$cachePath);
$this->setCacheDirectory();
$this->setParameter('config_allow_src_above_docroot',(boolean)$this->modx->getOption('phpthumb_allow_src_above_docroot',$this->config,false));
$this->setParameter('config_cache_maxage',(float)$this->modx->getOption('phpthumb_cache_maxage',$this->config,30) * 86400);
$this->setParameter('config_cache_maxsize',(float)$this->modx->getOption('phpthumb_cache_maxsize',$this->config,100) * 1024 * 1024);
$this->setParameter('config_cache_maxfiles',(int)$this->modx->getOption('phpthumb_cache_maxfiles',$this->config,10000));
$this->setParameter('config_error_bgcolor',(string)$this->modx->getOption('phpthumb_error_bgcolor',$this->config,'CCCCFF'));
$this->setParameter('config_error_textcolor',(string)$this->modx->getOption('phpthumb_error_textcolor',$this->config,'FF0000'));
$this->setParameter('config_error_fontsize',(int)$this->modx->getOption('phpthumb_error_fontsize',$this->config,1));
$this->setParameter('config_nohotlink_enabled',(boolean)$this->modx->getOption('phpthumb_nohotlink_enabled',$this->config,true));
$this->setParameter('config_nohotlink_valid_domains',explode(',', $this->modx->getOption('phpthumb_nohotlink_valid_domains',$this->config,$this->modx->getOption('http_host'))));
$this->setParameter('config_nohotlink_erase_image',(boolean)$this->modx->getOption('phpthumb_nohotlink_erase_image',$this->config,true));
$this->setParameter('config_nohotlink_text_message',(string)$this->modx->getOption('phpthumb_nohotlink_text_message',$this->config,'Off-server thumbnailing is not allowed'));
$this->setParameter('config_nooffsitelink_enabled',(boolean)$this->modx->getOption('phpthumb_nooffsitelink_enabled',$this->config,false));
$this->setParameter('config_nooffsitelink_valid_domains',explode(',', $this->modx->getOption('phpthumb_nooffsitelink_valid_domains',$this->config,$this->modx->getOption('http_host'))));
$this->setParameter('config_nooffsitelink_require_refer',(boolean)$this->modx->getOption('phpthumb_nooffsitelink_require_refer',$this->config,false));
$this->setParameter('config_nooffsitelink_erase_image',(boolean)$this->modx->getOption('phpthumb_nooffsitelink_erase_image',$this->config,true));
$this->setParameter('config_nooffsitelink_watermark_src',(string)$this->modx->getOption('phpthumb_nooffsitelink_watermark_src',$this->config,''));
$this->setParameter('config_nooffsitelink_text_message',(string)$this->modx->getOption('phpthumb_nooffsitelink_text_message',$this->config,'Off-server linking is not allowed'));
$this->setParameter('cache_source_enabled',(boolean)$this->modx->getOption('phpthumb_cache_source_enabled',$this->config,false));
$this->setParameter('cache_source_directory',$cachePath.'source/');
$this->setParameter('allow_local_http_src',true);
$this->setParameter('zc',$this->modx->getOption('zc',$_REQUEST,$this->modx->getOption('phpthumb_zoomcrop',$this->config,0)));
$this->setParameter('far',$this->modx->getOption('far',$_REQUEST,$this->modx->getOption('phpthumb_far',$this->config,'C')));
$this->setParameter('cache_directory_depth',4);
$this->setParameter('config_ttf_directory',$this->modx->getOption('core_path',$this->config,MODX_CORE_PATH).'model/phpthumb/fonts/');
$documentRoot = $this->modx->getOption('phpthumb_document_root',$this->config, '');
if ($documentRoot == '') $documentRoot = $this->modx->getOption('base_path', null, '');
if (!empty($documentRoot)) {
$this->setParameter('config_document_root',$documentRoot);
}
/* iterate through properties */
foreach ($this->config as $property => $value) {
$this->setParameter($property,$value);
}
return true;
}
/**
* Sets the source image
*/
public function set($src) {
$src = rawurldecode($src);
if (empty($src)) return '';
return $this->setSourceFilename($src);
}
/**
* Check to see if cached file already exists
*/
public function checkForCachedFile() {
$this->setCacheFilename();
if (file_exists($this->cache_filename) && is_readable($this->cache_filename)) {
return true;
}
return false;
}
/**
* Load cached file
*/
public function loadCache() {
$this->RedirectToCachedFile();
}
/**
* Cache the generated thumbnail.
*/
public function cache() {
phpthumb_functions::EnsureDirectoryExists(dirname($this->cache_filename));
if ((file_exists($this->cache_filename) && is_writable($this->cache_filename)) || is_writable(dirname($this->cache_filename))) {
$this->CleanUpCacheDirectory();
if ($this->RenderToFile($this->cache_filename) && is_readable($this->cache_filename)) {
chmod($this->cache_filename, 0644);
$this->RedirectToCachedFile();
}
}
}
/**
* Generate a thumbnail
*/
public function generate() {
if (!$this->GenerateThumbnail()) {
$this->modx->log(modX::LOG_LEVEL_ERROR,'phpThumb was unable to generate a thumbnail for: '.$this->cache_filename);
return false;
}
return true;
}
/**
* Output a thumbnail.
*/
public function output() {
$output = $this->OutputThumbnail();
if (!$output) {
$this->modx->log(modx::LOG_LEVEL_ERROR,'Error outputting thumbnail:'."\n".$this->debugmessages[(count($this->debugmessages) - 1)]);
}
return $output;
}
/** PHPTHUMB HELPER METHODS **/
public function RedirectToCachedFile() {
$nice_cachefile = str_replace(DIRECTORY_SEPARATOR, '/', $this->cache_filename);
$nice_docroot = str_replace(DIRECTORY_SEPARATOR, '/', rtrim($this->config_document_root, '/\\'));
$parsed_url = phpthumb_functions::ParseURLbetter(@$_SERVER['HTTP_REFERER']);
$nModified = filemtime($this->cache_filename);
if ($this->config_nooffsitelink_enabled && @$_SERVER['HTTP_REFERER'] && !in_array(@$parsed_url['host'], $this->config_nooffsitelink_valid_domains)) {
$this->DebugMessage('Would have used cached (image/'.$this->thumbnailFormat.') file "'.$this->cache_filename.'" (Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT), but skipping because $_SERVER[HTTP_REFERER] ('.@$_SERVER['HTTP_REFERER'].') is not in $this->config_nooffsitelink_valid_domains ('.implode(';', $this->config_nooffsitelink_valid_domains).')', __FILE__, __LINE__);
} elseif ($this->phpThumbDebug) {
$this->DebugTimingMessage('skipped using cached image', __FILE__, __LINE__);
$this->DebugMessage('Would have used cached file, but skipping due to phpThumbDebug', __FILE__, __LINE__);
$this->DebugMessage('* Would have sent headers (1): Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT', __FILE__, __LINE__);
$getimagesize = @GetImageSize($this->cache_filename);
if ($getimagesize) {
$this->DebugMessage('* Would have sent headers (2): Content-Type: '.phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]), __FILE__, __LINE__);
}
if (ereg('^'.preg_quote($nice_docroot).'(.*)$', $nice_cachefile, $matches)) {
$this->DebugMessage('* Would have sent headers (3): Location: '.dirname($matches[1]).'/'.urlencode(basename($matches[1])), __FILE__, __LINE__);
} else {
$this->DebugMessage('* Would have sent data: readfile('.$this->cache_filename.')', __FILE__, __LINE__);
}
} else {
/*
if (headers_sent()) {
$this->ErrorImage('Headers already sent ('.basename(__FILE__).' line '.__LINE__.')');
exit;
}*/
$this->SendSaveAsFileHeaderIfNeeded();
header('Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT');
if (@$_SERVER['HTTP_IF_MODIFIED_SINCE'] && ($nModified == strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) && @$_SERVER['SERVER_PROTOCOL']) {
header($_SERVER['SERVER_PROTOCOL'].' 304 Not Modified');
exit;
}
$getimagesize = @GetImageSize($this->cache_filename);
if ($getimagesize) {
header('Content-Type: '.phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]));
} elseif (eregi('\.ico$', $this->cache_filename)) {
header('Content-Type: image/x-icon');
}
if (!$this->config_cache_force_passthru && ereg('^'.preg_quote($nice_docroot).'(.*)$', $nice_cachefile, $matches)) {
header('Location: '.dirname($matches[1]).'/'.urlencode(basename($matches[1])));
} else {
@readfile($this->cache_filename);
}
session_write_close();
exit;
}
return true;
}
public function SendSaveAsFileHeaderIfNeeded() {
if (headers_sent()) {
return false;
}
$downloadfilename = phpthumb_functions::SanitizeFilename(@$_GET['sia'] ? $_GET['sia'] : (@$_GET['down'] ? $_GET['down'] : 'phpThumb_generated_thumbnail'.(@$_GET['f'] ? $_GET['f'] : 'jpg')));
if (@$downloadfilename) {
$this->DebugMessage('SendSaveAsFileHeaderIfNeeded() sending header: Content-Disposition: '.(@$_GET['down'] ? 'attachment' : 'inline').'; filename="'.$downloadfilename.'"', __FILE__, __LINE__);
header('Content-Disposition: '.(@$_GET['down'] ? 'attachment' : 'inline').'; filename="'.$downloadfilename.'"');
}
return true;
}
function ResolveFilenameToAbsolute($filename) {
if (empty($filename)) {
return false;
}
if (preg_match('#^[a-z0-9]+\:/{1,2}#i', $filename)) {
// eg: http://host/path/file.jpg (HTTP URL)
// eg: ftp://host/path/file.jpg (FTP URL)
// eg: data1:/path/file.jpg (Netware path)
//$AbsoluteFilename = $filename;
return $filename;
} elseif ($this->iswindows && isset($filename{1}) && ($filename{1} == ':')) {
// absolute pathname (Windows)
$AbsoluteFilename = $filename;
} elseif ($this->iswindows && ((substr($filename, 0, 2) == '//') || (substr($filename, 0, 2) == '\\\\'))) {
// absolute pathname (Windows)
$AbsoluteFilename = $filename;
} elseif ($filename{0} == '/') {
if (@is_readable($filename) && !@is_readable($this->config_document_root.$filename)) {
// absolute filename (*nix)
$AbsoluteFilename = $filename;
} elseif (isset($filename{1}) && ($filename{1} == '~')) {
// /~user/path
if ($ApacheLookupURIarray = phpthumb_functions::ApacheLookupURIarray($filename)) {
$AbsoluteFilename = $ApacheLookupURIarray['filename'];
} else {
$AbsoluteFilename = realpath($filename);
if (@is_readable($AbsoluteFilename)) {
$this->DebugMessage('phpthumb_functions::ApacheLookupURIarray() failed for "'.$filename.'", but the correct filename ('.$AbsoluteFilename.') seems to have been resolved with realpath($filename)', __FILE__, __LINE__);
} elseif (is_dir(dirname($AbsoluteFilename))) {
$this->DebugMessage('phpthumb_functions::ApacheLookupURIarray() failed for "'.dirname($filename).'", but the correct directory ('.dirname($AbsoluteFilename).') seems to have been resolved with realpath(.)', __FILE__, __LINE__);
} else {
return $this->ErrorImage('phpthumb_functions::ApacheLookupURIarray() failed for "'.$filename.'". This has been known to fail on Apache2 - try using the absolute filename for the source image (ex: "/home/user/httpdocs/image.jpg" instead of "/~user/image.jpg")');
}
}
} else {
// relative filename (any OS)
if (preg_match('#^'.preg_quote($this->config_document_root).'#', $filename)) {
$AbsoluteFilename = $filename;
$this->DebugMessage('ResolveFilenameToAbsolute() NOT prepending $this->config_document_root ('.$this->config_document_root.') to $filename ('.$filename.') resulting in ($AbsoluteFilename = "'.$AbsoluteFilename.'")', __FILE__, __LINE__);
} else {
$AbsoluteFilename = $this->config_document_root.$filename;
$this->DebugMessage('ResolveFilenameToAbsolute() prepending $this->config_document_root ('.$this->config_document_root.') to $filename ('.$filename.') resulting in ($AbsoluteFilename = "'.$AbsoluteFilename.'")', __FILE__, __LINE__);
}
}
} else {
// relative to current directory (any OS)
$AbsoluteFilename = $this->config_document_root.preg_replace('#[/\\\\]#', DIRECTORY_SEPARATOR, dirname(@$_SERVER['PHP_SELF'])).DIRECTORY_SEPARATOR.preg_replace('#[/\\\\]#', DIRECTORY_SEPARATOR, $filename);
// $AbsoluteFilename = dirname(__FILE__).DIRECTORY_SEPARATOR.preg_replace('#[/\\\\]#', DIRECTORY_SEPARATOR, $filename);
$AbsoluteFilename = preg_replace('~[\/]+~', DIRECTORY_SEPARATOR, $AbsoluteFilename);
//if (!@file_exists($AbsoluteFilename) && @file_exists(realpath($this->DotPadRelativeDirectoryPath($filename)))) {
// $AbsoluteFilename = realpath($this->DotPadRelativeDirectoryPath($filename));
//}
if (substr(dirname(@$_SERVER['PHP_SELF']), 0, 2) == '/~') {
if ($ApacheLookupURIarray = phpthumb_functions::ApacheLookupURIarray(dirname(@$_SERVER['PHP_SELF']))) {
$AbsoluteFilename = $ApacheLookupURIarray['filename'].DIRECTORY_SEPARATOR.$filename;
} else {
$AbsoluteFilename = realpath('.').DIRECTORY_SEPARATOR.$filename;
if (@is_readable($AbsoluteFilename)) {
$this->DebugMessage('phpthumb_functions::ApacheLookupURIarray() failed for "'.dirname(@$_SERVER['PHP_SELF']).'", but the correct filename ('.$AbsoluteFilename.') seems to have been resolved with realpath(.)/$filename', __FILE__, __LINE__);
} elseif (is_dir(dirname($AbsoluteFilename))) {
$this->DebugMessage('phpthumb_functions::ApacheLookupURIarray() failed for "'.dirname(@$_SERVER['PHP_SELF']).'", but the correct directory ('.dirname($AbsoluteFilename).') seems to have been resolved with realpath(.)', __FILE__, __LINE__);
} else {
return $this->ErrorImage('phpthumb_functions::ApacheLookupURIarray() failed for "'.dirname(@$_SERVER['PHP_SELF']).'". This has been known to fail on Apache2 - try using the absolute filename for the source image');
}
}
}
}
if (is_link($AbsoluteFilename)) {
$this->DebugMessage('is_link()==true, changing "'.$AbsoluteFilename.'" to "'.readlink($AbsoluteFilename).'"', __FILE__, __LINE__);
$AbsoluteFilename = readlink($AbsoluteFilename);
}
if (realpath($AbsoluteFilename)) {
$AbsoluteFilename = realpath($AbsoluteFilename);
}
if ($this->iswindows) {
$AbsoluteFilename = preg_replace('#^'.preg_quote(realpath($this->config_document_root)).'#i', realpath($this->config_document_root), $AbsoluteFilename);
$AbsoluteFilename = str_replace(DIRECTORY_SEPARATOR, '/', $AbsoluteFilename);
}
if (!$this->config_allow_src_above_docroot && !preg_match('#^'.preg_quote(str_replace(DIRECTORY_SEPARATOR, '/', realpath($this->config_document_root))).'#', $AbsoluteFilename)) {
$this->DebugMessage('!$this->config_allow_src_above_docroot therefore setting "'.$AbsoluteFilename.'" (outside "'.realpath($this->config_document_root).'") to null', __FILE__, __LINE__);
return false;
}
if (!$this->config_allow_src_above_phpthumb && !preg_match('#^'.preg_quote(str_replace(DIRECTORY_SEPARATOR, '/', dirname(__FILE__))).'#', $AbsoluteFilename)) {
$this->DebugMessage('!$this->config_allow_src_above_phpthumb therefore setting "'.$AbsoluteFilename.'" (outside "'.dirname(__FILE__).'") to null', __FILE__, __LINE__);
return false;
}
return $AbsoluteFilename;
}
}