// No path traversing in file name
if (preg_match("/[^a-zA-Z0-9._-]/", $matches[2])) {
header('HTTP/1.1 403 Forbidden');
exit;
}
$KokenAPI = new KokenAPI();
$settings = $KokenAPI->get('/settings');
if ($custom) {
$original = $root . $ds . 'storage' . $ds . 'custom' . $ds . preg_replace('/\\-(jpe?g|gif|png)$/i', '.$1', $matches[2]);
list($source_width, $source_height) = getimagesize($original);
} else {
$id = (int) str_replace('/', '', $matches[1]);
$content = $KokenAPI->get('/content/' . $id);
$original_info = pathinfo($content['filename']);
if (!isset($content['html']) && strtolower($original_info['filename']) !== strtolower($matches[2])) {
$KokenAPI->clear();
header('HTTP/1.1 404 Not Found');
exit;
}
if (isset($content['original']['preview'])) {
if (isset($content['original']['preview']['relative_url'])) {
$original = $root . $content['original']['preview']['relative_url'];
} else {
$original = $content['original']['preview']['url'];
}
$source_width = $content['original']['preview']['width'];
$source_height = $content['original']['preview']['height'];
} else {
if (isset($content['original']['relative_url'])) {
$original = $root . $content['original']['relative_url'];
} else {
