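/**
 * Serve a JPEG thumbnail of a stored image, generating it with phpThumb and
 * writing the result into a per-image cache folder.
 *
 * When phpThumb's high-security mode is enabled, the request must carry a
 * 32-character hash equal to md5(imageType + path + sorted parameters + password).
 * Nothing is read from or written to disk until that check has passed.
 *
 * NOTE(review): the hash is a secret-suffix MD5, not an HMAC. Switching to
 * hash_hmac() would be stronger, but the URL generator (not visible here) would
 * have to change in step.
 *
 * @param string $imageType   Route prefix mixed into the request hash (the visible caller passes "user-image").
 * @param string $filename    Source image name below the image folder / sub-directory.
 * @param string $subdirs     Optional sub-directory below the image folder, without a leading slash.
 * @param string $hash        Caller-supplied request hash; also used as the cache file name.
 * @param array  $tparameters phpThumb parameter name => value map.
 *
 * @return mixed Whatever page404() returns when the request is rejected; otherwise nothing
 *               (the image bytes are echoed directly).
 */
public function makethumbnail($imageType, $filename, $subdirs = "", $hash, $tparameters)
{
    $phpThumb = $this->phpThumb;
    $errorpage = new \UserFrosting\BaseController($this->_app);

    // $subdirs, $filename and $hash all end up in filesystem paths and are only
    // authenticated when high-security mode is on, so refuse ".." segments and NUL
    // bytes up front. A PCRE failure (false) is treated as a rejection as well.
    $unsafePath = '#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)|\x00#';
    if (preg_match($unsafePath, $subdirs . "/" . $filename . "/" . $hash) !== 0) {
        return $errorpage->page404();
    }

    if (strlen($subdirs) > 0) {
        $subdirs = "/" . $subdirs;
    }
    $imageroot = $this->_config['imageFolder'] . $subdirs;

    // Canonical "k=v&k=v" string over the key-sorted parameters; it is part of the hash input.
    ksort($tparameters);
    $pairs = array();
    foreach ($tparameters as $p => $v) {
        $pairs[] = $p . "=" . $v;
    }
    $hashparameters = implode("&", $pairs);

    $hashVerified = false;
    if (!empty($phpThumb->config_high_security_enabled)) {
        if (strlen($hash) !== 32) {
            return $errorpage->page404();
        }
        // NOTE(review): strength is checked on $phpThumb->config_high_security_password, but the
        // hash below uses $this->_config['high_security_password'] -- confirm both hold the same secret.
        if (PasswordStrength($phpThumb->config_high_security_password) < 20) {
            error_log('Password not strong enough');
            $phpThumb->config_disable_debug = false;
            // otherwise error message won't print
            $phpThumb->ErrorImage('ERROR: $PHPTHUMB_CONFIG[high_security_password] is not complex enough');
            return $errorpage->page404();
        }
        $tohash = $imageType . $subdirs . "/" . $filename . $hashparameters . $this->_config['high_security_password'];
        // hash_equals() compares in constant time and never applies the numeric-string
        // juggling that a loose != performs on two "0e..."-style digests.
        if (!hash_equals(md5($tohash), (string) $hash)) {
            error_log('incorrect hash');
            header('HTTP/1.0 403 Forbidden');
            // Deliberate delay to discourage password-guessing.
            // NOTE(review): this holds a worker for 10 s per bad request; per-client
            // rate limiting would slow guessing without that cost.
            sleep(10);
            return $errorpage->page404();
        }
        $hashVerified = true;
    }

    // Cache directories are created only after the request has been accepted.
    $cachefolder = $imageroot . "/cache";
    if (!is_dir($cachefolder)) {
        mkdir($cachefolder);
    }
    $basefolder = $cachefolder . "/" . hash("md5", $filename, false);
    if (!is_dir($basefolder)) {
        mkdir($basefolder);
    }
    $output_filename = $basefolder . "/" . $hash . ".jpg";

    // The earlier lookup tested $basefolder . $output_filename, a path that cannot exist, so the
    // cache was never hit. Cached files are served only when the hash was verified: an unverified
    // hash is a caller-chosen name and must not decide which stored image is returned.
    if ($hashVerified && is_file($output_filename)) {
        $this->_app->response->headers->set("Content-Type", "image/jpeg");
        echo file_get_contents($output_filename);
        return;
    }

    $sourcefile = $imageroot . "/" . $filename;
    if (!is_file($sourcefile)) {
        return $errorpage->page404();
    }
    $phpThumb->setSourceData(file_get_contents($sourcefile));

    // NOTE(review): parameter names are forwarded as given. When high-security mode is off they
    // are not authenticated, so an allow-list of permitted names would be safer -- confirm which
    // parameters the application actually needs.
    foreach ($tparameters as $param => $pval) {
        if (strpos($param, "fltr") !== false) {
            $phpThumb->setParameter("fltr", $pval);
        } else {
            $phpThumb->setParameter($param, $pval);
        }
    }

    if ($phpThumb->GenerateThumbnail()) {
        $this->_app->response->headers->set("Content-Type", "image/jpeg");
        $phpThumb->RenderOutput();
        file_put_contents($output_filename, $phpThumb->outputImageData);
        echo $phpThumb->outputImageData;
    } else {
        // Escaped because the messages can contain request-derived file names.
        // NOTE(review): debug messages may expose server paths; consider logging them instead.
        $details = $phpThumb->fatalerror . "\n\n" . implode("\n\n", $phpThumb->debugmessages);
        echo 'Failed:<pre>' . htmlspecialchars($details, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';
    }
}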
Beispiel #2
    $app->schema->registerJS("user", "widget-users.js");
    // Groups JS
    $app->schema->registerJS("group", "widget-groups.js");
}, 1);
/* TODO: enable Twig caching?
$view = $app->view();
$view->parserOptions = array(
    'debug' => true,
    'cache' => dirname(__FILE__) . '/cache'
);
*/
/** Plugins */
$app->hook('plugins.register', function () use($app) {
    // Include the config-plugin.php of every plugin returned by getPlugins(), once each.
    // NOTE(review): each name becomes part of a require_once path, so whatever supplies
    // the plugin list decides which PHP files get executed -- confirm the names are
    // restricted to plain directory names under plugins.path.
    foreach ($app->site->getPlugins() as $pluginName) {
        require_once sprintf('%s/%s/config-plugin.php', $app->config('plugins.path'), $pluginName);
    }
});
// Fire the registration hooks in order: CSS includes, JS includes, then plugins.
foreach (array("includes.css.register", "includes.js.register", "plugins.register") as $registrationHook) {
    $app->applyHook($registrationHook);
}
unset($registrationHook);
if ($db_error) {
    // The error may come from someone reinstalling with new database details while
    // still logged in, so drop the session before showing the database error page.
    session_destroy();
    (new \UserFrosting\BaseController($app))->pageDatabaseError();
    exit;
}
// Thumbnail route for images stored under a user's folder (or the shared "public" folder).
$app->get('/user-image/:uid/:filename(/:parameters)/:hash', function ($uid, $filename, $parameters = "", $hash = "") use($app, $config) {
    // Start from the configured defaults; each well-formed "name=value" pair in the URL overrides them.
    // NOTE(review): any parameter name is accepted here and passed on to makethumbnail();
    // consider limiting request-supplied names to an allow-list.
    $tparameters = $config['default_parameters'];
    foreach (explode("&", $parameters) as $pair) {
        $parts = explode("=", $pair);
        if (count($parts) === 2) {
            $tparameters[$parts[0]] = $parts[1];
        }
    }

    $thumb = new \phpThumb\ThumbController($app, $config);

    // Access is granted when owner-only mode is off, when the folder belongs to the
    // current user, or when it is the shared "public" folder of a sub-directory setup.
    // NOTE(review): $uid is a route segment (string); the strict === only matches if
    // $app->user->id is a string as well -- confirm its type.
    $allowed = !$config['userImage_onlyThisUser']
        || $uid === $app->user->id
        || ($config['usersHaveSubdirectories'] && $uid === "public");

    if (!$allowed) {
        $errorpage = new \UserFrosting\BaseController($app);
        return $errorpage->page404();
    }
    echo $thumb->makethumbnail("user-image", $filename, $uid, $hash, $tparameters);
});
//route for public image if 'usersHaveSubdirectories' == true
$app->get('/public-image/:filename(/:parameters)/:hash', function ($filename, $parameters = "", $hash = "") use($app, $config) {
    if (strlen($hash) == 0) {
        $hash = $parameters;
        $parameters = "";
    }
    if ($config['usersHaveSubdirectories'] == true) {
        $imgdir = "public";
    } else {
        $imgdir = "";
    }
    $parameters = explode("&", $parameters);