// Ignore
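<?php
/*
Base directory: Only filenames within this directory will be loaded.
Include the trailing slash. While this is empty, every png/jpg/gif in the
script's working directory can be requested, so point it at a dedicated
image directory.
*/
$basepath = '';
/*
Maximum size (Width/height) of a generated image, pixels
*/
$max_image_w = 2048;
$max_image_h = 2048;
/*
Placeholder PNG (appended to $basepath) sent when the extension is not supported.
The script previously read this variable without defining it; leave it empty to
answer with a plain 404 message instead.
*/
$not_found_image = '';
/*
Checking for an array avoids array to string information disclosure attacks
Can reveal internal filenames and affect scripts (Especially string functions)
*/
if (isset($_GET['src']) && !is_array($_GET['src'])) {
    // Only the basename is used, so directory components in src (including
    // "../") never reach the filesystem calls below.
    $filedata = pathinfo($_GET['src']);
    $filepath = $basepath . $filedata['basename'];
    // 'extension' is missing for names without a dot; normalise the case so
    // "PNG" is accepted as well.
    $extension = strtolower($filedata['extension'] ?? '');

    // is_file() instead of file_exists(): a directory must not be handed to GD.
    if ($filedata['basename'] !== '' && is_file($filepath)) {
        // The extension is an allow-list: anything that is not a known image
        // type is never opened.
        // NOTE(review): the decoders emit warnings (with the full path) on
        // corrupt files and allocate memory for the full source dimensions;
        // keep display_errors off and consider a getimagesize() size limit.
        switch ($extension) {
            case 'png':
                $image = imagecreatefrompng($filepath);
                break;
            case 'jpg':
            case 'jpeg':
                $image = imagecreatefromjpeg($filepath);
                break;
            case 'gif':
                $image = imagecreatefromgif($filepath);
                break;
            default:
                // Unsupported type: send the placeholder if one is configured,
                // with a proper status code and content type.
                $placeholder = $not_found_image !== '' ? $basepath . $not_found_image : '';
                $image = ($placeholder !== '' && is_file($placeholder))
                    ? imagecreatefrompng($placeholder)
                    : false;
                http_response_code(404);
                if ($image) {
                    header('Content-type: image/png');
                    imagepng($image);
                } else {
                    echo 'No image found';
                }
                die();
        }

        if ($image) {
            $source_w = imagesx($image);
            $source_h = imagesy($image);
            $image_w = 0;
            $image_h = 0;
            $image_x = 0;
            $image_y = 0;

            // Clamp every dimension to [0, max]: a negative size would make
            // imagecreatetruecolor() fail, and zero falls through to the
            // "No image dimensions" answer.
            if (isset($_GET['w']) && !is_array($_GET['w'])) {
                $image_w = max(0, min(intval($_GET['w']), $max_image_w));
            }
            if (isset($_GET['h']) && !is_array($_GET['h'])) {
                $image_h = max(0, min(intval($_GET['h']), $max_image_h));
            }
            // Offsets must stay inside the source image.
            if (isset($_GET['x']) && !is_array($_GET['x'])) {
                $image_x = max(0, min(intval($_GET['x']), $max_image_w, $source_w - 1));
            }
            if (isset($_GET['y']) && !is_array($_GET['y'])) {
                $image_y = max(0, min(intval($_GET['y']), $max_image_h, $source_h - 1));
            }

            if ($image_w && $image_h) {
                $image_out = imagecreatetruecolor($image_w, $image_h);
                if ($image_out) {
                    if (isset($_GET['crop'])) {
                        // Copy a w*h window starting at (x, y) without scaling.
                        imagecopy($image_out, $image, 0, 0, $image_x, $image_y, $image_w, $image_h);
                    } else {
                        // Scale the source area from (x, y) to the bottom-right
                        // corner into the w*h canvas. imagecopyresized() needs
                        // the source width/height as its last two arguments.
                        imagecopyresized(
                            $image_out,
                            $image,
                            0,
                            0,
                            $image_x,
                            $image_y,
                            $image_w,
                            $image_h,
                            $source_w - $image_x,
                            $source_h - $image_y
                        );
                    }
                    // Both branches send the result; the crop branch used to
                    // produce no output at all.
                    header('Content-type: image/png');
                    imagepng($image_out);
                } else {
                    http_response_code(500);
                    echo 'No image resource';
                }
            } else {
                http_response_code(400);
                echo "No image dimensions";
            }
        } else {
            // The file exists but GD could not decode it.
            http_response_code(500);
            echo 'No image resource';
        }
    } else {
        http_response_code(404);
        echo 'No image found';
    }
} else {
    http_response_code(400);
    echo 'No source image';
}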
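<?php
/*
Base directory: Only filenames within this directory will be loaded.
Include the trailing slash. While this is empty, every png/jpg/gif in the
script's working directory can be requested, so point it at a dedicated
image directory.
*/
$basepath = '';
/*
Maximum size (Width/height) of a generated image, pixels
*/
$max_image_w = 2048;
$max_image_h = 2048;
/*
Placeholder PNG (appended to $basepath) sent when the extension is not supported.
The script previously read this variable without defining it; leave it empty to
answer with a plain 404 message instead.
*/
$not_found_image = '';
/*
Checking for an array avoids array to string information disclosure attacks
Can reveal internal filenames and affect scripts (Especially string functions)
*/
if (isset($_GET['src']) && !is_array($_GET['src'])) {
    // Only the basename is used, so directory components in src (including
    // "../") never reach the filesystem calls below.
    $filedata = pathinfo($_GET['src']);
    $filepath = $basepath . $filedata['basename'];
    // 'extension' is missing for names without a dot; normalise the case so
    // "PNG" is accepted as well.
    $extension = strtolower($filedata['extension'] ?? '');

    // is_file() instead of file_exists(): a directory must not be handed to GD.
    if ($filedata['basename'] !== '' && is_file($filepath)) {
        // The extension is an allow-list: anything that is not a known image
        // type is never opened.
        // NOTE(review): the decoders emit warnings (with the full path) on
        // corrupt files and allocate memory for the full source dimensions;
        // keep display_errors off and consider a getimagesize() size limit.
        switch ($extension) {
            case 'png':
                $image = imagecreatefrompng($filepath);
                break;
            case 'jpg':
            case 'jpeg':
                $image = imagecreatefromjpeg($filepath);
                break;
            case 'gif':
                $image = imagecreatefromgif($filepath);
                break;
            default:
                // Unsupported type: send the placeholder if one is configured,
                // with a proper status code and content type.
                $placeholder = $not_found_image !== '' ? $basepath . $not_found_image : '';
                $image = ($placeholder !== '' && is_file($placeholder))
                    ? imagecreatefrompng($placeholder)
                    : false;
                http_response_code(404);
                if ($image) {
                    header('Content-type: image/png');
                    imagepng($image);
                } else {
                    echo 'No image found';
                }
                die();
        }

        if ($image) {
            $source_w = imagesx($image);
            $source_h = imagesy($image);
            $image_w = 0;
            $image_h = 0;
            $image_x = 0;
            $image_y = 0;

            // Clamp every dimension to [0, max]: a negative size would make
            // imagecreatetruecolor() fail, and zero falls through to the
            // "No image dimensions" answer.
            if (isset($_GET['w']) && !is_array($_GET['w'])) {
                $image_w = max(0, min(intval($_GET['w']), $max_image_w));
            }
            if (isset($_GET['h']) && !is_array($_GET['h'])) {
                $image_h = max(0, min(intval($_GET['h']), $max_image_h));
            }
            // Offsets must stay inside the source image.
            if (isset($_GET['x']) && !is_array($_GET['x'])) {
                $image_x = max(0, min(intval($_GET['x']), $max_image_w, $source_w - 1));
            }
            if (isset($_GET['y']) && !is_array($_GET['y'])) {
                $image_y = max(0, min(intval($_GET['y']), $max_image_h, $source_h - 1));
            }

            if ($image_w && $image_h) {
                $image_out = imagecreatetruecolor($image_w, $image_h);
                if ($image_out) {
                    if (isset($_GET['crop'])) {
                        // Copy a w*h window starting at (x, y) without scaling.
                        imagecopy($image_out, $image, 0, 0, $image_x, $image_y, $image_w, $image_h);
                    } else {
                        // Scale the source area from (x, y) to the bottom-right
                        // corner into the w*h canvas. imagecopyresized() needs
                        // the source width/height as its last two arguments.
                        imagecopyresized(
                            $image_out,
                            $image,
                            0,
                            0,
                            $image_x,
                            $image_y,
                            $image_w,
                            $image_h,
                            $source_w - $image_x,
                            $source_h - $image_y
                        );
                    }
                    // Both branches send the result; the crop branch used to
                    // produce no output at all.
                    header('Content-type: image/png');
                    imagepng($image_out);
                } else {
                    http_response_code(500);
                    echo 'No image resource';
                }
            } else {
                http_response_code(400);
                echo "No image dimensions";
            }
        } else {
            // The file exists but GD could not decode it.
            http_response_code(500);
            echo 'No image resource';
        }
    } else {
        http_response_code(404);
        echo 'No image found';
    }
} else {
    http_response_code(400);
    echo 'No source image';
}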
And now that I'm home, I can pick this up again.
Feel free to continue to ignore this thread.
Feel free to continue to ignore this thread.
Sheep - FileSheep Lead Developer
Quick bug report guide:
Spoiler
- Make a thread in the bug report forum.
- Include OS, browser, version.
- Include a screenshot or a detailed description of the issue.
- Assume any response from FileTrekker is him saying that he's made me look at it.
- Expect a fix or explanation to follow shortly afterwards.
[code]
// hello
[/code]
// hello
[/code]



Quick bug report guide: