function __construct() { global $settings; $param = $this->processParams($_GET['param'], $settings['image']); $meta = $cache_file = NULL; $image_path = $param->external === true ? "http://{$param->file}" : WORKSPACE . "/{$param->file}"; Utils::log($image_path, "IMAGE PATH"); // If the image is not external check to see when the image was last modified if ($param->external !== true) { $last_modified = is_file($image_path) ? filemtime($image_path) : null; Utils::log($last_modified, "last_modified"); } else { $rules = file(WORKSPACE . '/jit-image-manipulation/trusted-sites', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $allowed = false; $rules = array_map('trim', $rules); if (count($rules) > 0) { foreach ($rules as $rule) { $rule = str_replace(array('http://', 'https://'), NULL, $rule); // Wildcard if ($rule == '*') { $allowed = true; break; } else { if (substr($rule, -1) == '*' && strncasecmp($param->file, $rule, strlen($rule) - 1) == 0) { $allowed = true; break; } else { if (strncasecmp($rule, $param->file, strlen($rule)) == 0) { $allowed = true; break; } else { if (substr($rule, 0, 1) == '*' && preg_match("/(" . substr(substr($rule, -1) == '*' ? rtrim($rule, "/*") : $rule, 2) . ")/", $param->file)) { $allowed = true; break; } } } } } } if ($allowed == false) { Page::renderStatusCode(Page::HTTP_STATUS_FORBIDDEN); exit(sprintf('Error: Connecting to %s is not permitted.', $param->file)); } $last_modified = strtotime(Image::getHttpHeaderFieldValue($image_path, 'Last-Modified')); } // if there is no `$last_modified` value, params should be NULL and headers // should not be set. Otherwise, set caching headers for the browser. if ($last_modified) { $last_modified_gmt = gmdate('D, d M Y H:i:s', $last_modified) . ' GMT'; $etag = md5($last_modified . $image_path); Utils::log($last_modified_gmt, "last_modified_gmt"); header('Last-Modified: ' . $last_modified_gmt); header(sprintf('ETag: "%s"', $etag)); header('Cache-Control: public'); } else { $last_modified_gmt = NULL; $etag = NULL; } // Check to see if the requested image needs to be generated or if a 304 // can just be returned to the browser to use it's cached version. if (CACHING === true && (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) || isset($_SERVER['HTTP_IF_NONE_MATCH']))) { if ($_SERVER['HTTP_IF_MODIFIED_SINCE'] == $last_modified_gmt || str_replace('"', NULL, stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == $etag) { Page::renderStatusCode(Page::HTTP_NOT_MODIFIED); Utils::log("Returning 304 code"); exit; } } // The 'image_path' may change and point to a cache file, but we will // still need to know which file is supposed to be processed. $original_file = $image_path; // If CACHING is enabled, check to see that the cached file is still valid. if (CACHING === true) { $cache_file = sprintf('%s/%s_%s', CACHE, md5($_REQUEST['param'] . intval($settings['image']['quality']) . filemtime($image_path)), basename($image_path)); Utils::log($cache_file, "CACHE FILE NAME"); // Cache has expired or doesn't exist /* if (is_file($cache_file) && (filemtime($cache_file) < $last_modified)) { unlink($cache_file); } else if (is_file($cache_file)) { $image_path = $cache_file; touch($cache_file); $param->mode = MODE_NONE; } */ if (is_file($cache_file)) { Utils::log($cache_file, "Reading cache file"); $image_path = $cache_file; $param->mode = MODE_NONE; } } $this->param = $param; $this->image_path = $image_path; $this->last_modified = $last_modified; $this->cache_file = $cache_file; $this->settings = $settings; //Utils::log($this); }