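/**
 * Apply the optional anti-offsite-linking and anti-hotlinking policies.
 *
 * Two independent checks run, each gated by its own config flag:
 *  1. nooffsitelink: the host of the request's Referer header must appear in
 *     $this->config_nooffsitelink_valid_domains.
 *  2. nohotlink: when $this->src is an http(s)/ftp(s) URL, its host must appear
 *     in $this->config_nohotlink_valid_domains.
 *
 * On a violation the image is either replaced by an error image (the
 * *_erase_image setting) or has the configured message drawn over
 * $this->gdimg_output.
 *
 * Security note: the Referer header is supplied by the client, so check 1 is a
 * deterrent against casual embedding, not an access control. When
 * $this->config_nooffsitelink_require_refer is off, a request that carries no
 * Referer skips check 1 entirely.
 *
 * @return mixed true when the request is allowed or the message was drawn onto
 *               the image; otherwise whatever ErrorImage() returns.
 */
function AntiOffsiteLinking() {
    $allow = true;

    // Read the header once, without relying on "@" to hide an undefined index.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    if ($allow && $this->config_nooffsitelink_enabled && ($referer || $this->config_nooffsitelink_require_refer)) {
        // NOTE(review): $referer is client-controlled text; confirm that wherever
        // DebugMessage() output is shown or stored it is escaped for that context.
        $this->DebugMessage('AntiOffsiteLinking() checking $_SERVER[HTTP_REFERER] "' . $referer . '"', __FILE__, __LINE__);

        // parse_url() returns false for malformed input; treat that as "no host".
        $parsed_url   = parse_url($referer);
        $referer_host = (is_array($parsed_url) && isset($parsed_url['host'])) ? $parsed_url['host'] : null;
        $valid_list   = implode(';', $this->config_nooffsitelink_valid_domains);

        if (!phpthumb_functions::CaseInsensitiveInArray($referer_host, $this->config_nooffsitelink_valid_domains)) {
            $allow   = false;
            $erase   = $this->config_nooffsitelink_erase_image;
            $message = $this->config_nooffsitelink_text_message;
            $this->DebugMessage('AntiOffsiteLinking() - "' . $referer_host . '" is NOT in $this->config_nooffsitelink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        } else {
            $this->DebugMessage('AntiOffsiteLinking() - "' . $referer_host . '" is in $this->config_nooffsitelink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        }
    }

    // eregi() was removed in PHP 7; preg_match() with the "i" flag is the
    // equivalent case-insensitive test for an http/https/ftp/ftps scheme.
    if ($allow && $this->config_nohotlink_enabled && preg_match('#^(f|ht)tps?\\://#i', $this->src)) {
        $parsed_url = parse_url($this->src);
        $src_host   = (is_array($parsed_url) && isset($parsed_url['host'])) ? $parsed_url['host'] : null;
        $valid_list = implode(';', $this->config_nohotlink_valid_domains);

        // NOTE(review): the host compared here is the one parse_url() extracts;
        // whatever later fetches $this->src should resolve the same host - confirm.
        if (!phpthumb_functions::CaseInsensitiveInArray($src_host, $this->config_nohotlink_valid_domains)) {
            // This domain is not allowed
            $allow   = false;
            $erase   = $this->config_nohotlink_erase_image;
            $message = $this->config_nohotlink_text_message;
            $this->DebugMessage('AntiOffsiteLinking() - "' . $src_host . '" is NOT in $this->config_nohotlink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        } else {
            $this->DebugMessage('AntiOffsiteLinking() - "' . $src_host . '" is in $this->config_nohotlink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        }
    }

    if ($allow) {
        $this->DebugMessage('AntiOffsiteLinking() says this is allowed', __FILE__, __LINE__);
        return true;
    }

    // Both colours are needed below, so reject bad configuration up front.
    if (!phpthumb_functions::IsHexColor($this->config_error_bgcolor)) {
        return $this->ErrorImage('Invalid hex color string "' . $this->config_error_bgcolor . '" for $this->config_error_bgcolor');
    }
    if (!phpthumb_functions::IsHexColor($this->config_error_textcolor)) {
        return $this->ErrorImage('Invalid hex color string "' . $this->config_error_textcolor . '" for $this->config_error_textcolor');
    }

    if ($erase) {
        // Replace the thumbnail entirely with the policy message.
        return $this->ErrorImage($message, $this->thumbnail_width, $this->thumbnail_height, $this->config_error_bgcolor, $this->config_error_textcolor, $this->config_error_fontsize);
    }

    // Otherwise keep the thumbnail and draw the message centred on top of it.
    $font_width  = ImageFontWidth($this->config_error_fontsize);
    $font_height = ImageFontHeight($this->config_error_fontsize);

    $nohotlink_text_array = explode("\n", wordwrap($message, (int) floor($this->thumbnail_width / $font_width), "\n"));
    $nohotlink_text_color = phpthumb_functions::ImageHexColorAllocate($this->gdimg_output, $this->config_error_textcolor);

    $topoffset  = round(($this->thumbnail_height - count($nohotlink_text_array) * $font_height) / 2);
    $rowcounter = 0;

    $this->DebugMessage('AntiOffsiteLinking() writing ' . count($nohotlink_text_array) . ' lines of text "' . $message . '" (in #' . $this->config_error_textcolor . ') on top of image', __FILE__, __LINE__);
    foreach ($nohotlink_text_array as $textline) {
        $leftoffset = max(0, round(($this->thumbnail_width - strlen($textline) * $font_width) / 2));
        ImageString($this->gdimg_output, $this->config_error_fontsize, (int) $leftoffset, (int) ($topoffset + $rowcounter++ * $font_height), $textline, $nohotlink_text_color);
    }

    return true;
}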
/**
 * Choose the thumbnail output format and JPEG quality.
 *
 * Builds the list of formats this installation can emit (bundled ico/bmp
 * writers, GD image types, ImageMagick), then picks, in increasing priority:
 * the best GD type found, $this->config_output_format, and finally $this->f.
 * Each of the last two only wins when it is in the list of available formats.
 *
 * $this->f is reduced to the characters a-z before it is compared, so the
 * value that reaches $this->thumbnailFormat is always a member of the
 * available-format list.
 * NOTE(review): $this->f and $this->q look like request parameters - confirm
 * against the caller.
 *
 * @return bool always true
 */
function setOutputFormat() {
    // The static flag is shared by every call of this method; once a format has
    // been chosen, later calls return immediately.
    static $alreadyCalled = false;
    if ($this->thumbnailFormat && $alreadyCalled) {
        return true;
    }
    $alreadyCalled = true;

    $formats = array('text');

    // The ico/bmp writers live in optional companion files.
    $here           = dirname(__FILE__);
    $optional_files = array(
        'ico' => '/phpthumb.ico.php',
        'bmp' => '/phpthumb.bmp.php',
    );
    foreach ($optional_files as $name => $relative_path) {
        if (@is_readable($here . $relative_path)) {
            $formats[] = $name;
        }
    }

    // Default format: 'ico', overridden by each GD type that is present, so the
    // last supported entry of the table below wins.
    $this->thumbnailFormat = 'ico';
    if (function_exists('ImageTypes')) {
        $supported = ImageTypes();
        $gd_types  = array(
            array(IMG_WBMP, 'wbmp'),
            array(IMG_GIF,  'gif'),
            array(IMG_PNG,  'png'),
            array(IMG_JPG,  'jpeg'),
        );
        foreach ($gd_types as $gd_type) {
            list($flag, $name) = $gd_type;
            if ($supported & $flag) {
                $this->thumbnailFormat = $name;
                $formats[]             = $name;
            }
        }
    } else {
        // Missing GD is only logged here; it is not treated as an error.
        $this->DebugMessage('ImageTypes() does not exist - GD support might not be enabled?', __FILE__, __LINE__);
    }

    if ($this->ImageMagickVersion()) {
        // The message lists the formats known before ImageMagick's are appended.
        $this->DebugMessage('Addding ImageMagick formats to $AvailableImageOutputFormats (' . implode(';', $formats) . ')', __FILE__, __LINE__);
        $formats = array_merge($formats, array('jpeg', 'png', 'gif', 'bmp', 'ico', 'wbmp'));
    }

    $formats = array_unique($formats);
    $this->DebugMessage('$AvailableImageOutputFormats = array(' . implode(';', $formats) . ')', __FILE__, __LINE__);

    // Keep only lowercase letters of the requested format, then fold the
    // "jpg" alias into "jpeg" for both the configured and the requested value.
    $this->f = preg_replace('#[^a-z]#', '', strtolower($this->f));
    if (strtolower($this->config_output_format) == 'jpg') {
        $this->config_output_format = 'jpeg';
    }
    if (strtolower($this->f) == 'jpg') {
        $this->f = 'jpeg';
    }

    // Configured default: applied only when that format is available.
    $config_format = strtolower($this->config_output_format);
    if (phpthumb_functions::CaseInsensitiveInArray($this->config_output_format, $formats)) {
        $this->DebugMessage('$this->thumbnailFormat set to $this->config_output_format "' . $config_format . '"', __FILE__, __LINE__);
        $this->thumbnailFormat = $config_format;
    } elseif ($this->config_output_format) {
        $this->DebugMessage('$this->thumbnailFormat staying as "' . $this->thumbnailFormat . '" because $this->config_output_format (' . $config_format . ') is not in $AvailableImageOutputFormats', __FILE__, __LINE__);
    }

    // Explicit $this->f: overrides the above, again only when available.
    $requested_format = strtolower($this->f);
    if ($this->f && phpthumb_functions::CaseInsensitiveInArray($this->f, $formats)) {
        $this->DebugMessage('$this->thumbnailFormat set to $this->f "' . $requested_format . '"', __FILE__, __LINE__);
        $this->thumbnailFormat = $requested_format;
    } elseif ($this->f) {
        $this->DebugMessage('$this->thumbnailFormat staying as "' . $this->thumbnailFormat . '" because $this->f (' . $requested_format . ') is not in $AvailableImageOutputFormats', __FILE__, __LINE__);
    }

    // JPEG quality is clamped to 1 (worst) .. 99 (best), defaulting to 75.
    // Below 25 looks bad for little size saving; 100 is avoided because it was
    // suspected of producing invalid JPEGs.
    $requested_quality      = $this->q ? intval($this->q) : 75;
    $this->thumbnailQuality = max(1, min(99, $requested_quality));
    $this->DebugMessage('$this->thumbnailQuality set to "' . $this->thumbnailQuality . '"', __FILE__, __LINE__);

    return true;
}
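/**
 * Apply the optional anti-offsite-linking and anti-hotlinking policies.
 *
 * Two independent checks run, each gated by its own config flag:
 *  1. nooffsitelink: the host of the request's Referer header must appear in
 *     $this->config_nooffsitelink_valid_domains (ports are stripped from the
 *     configured entries first).
 *  2. nohotlink: when $this->src is an http(s)/ftp(s) URL, its host must appear
 *     in $this->config_nohotlink_valid_domains.
 *
 * On a violation the image is either replaced by an error image (the
 * *_erase_image setting), overlaid with the configured watermark file, or has
 * the configured message drawn over $this->gdimg_output.
 *
 * Security note: the Referer header is supplied by the client, so check 1 is a
 * deterrent against casual embedding, not an access control. When
 * $this->config_nooffsitelink_require_refer is off, a request that carries no
 * Referer skips check 1 entirely.
 *
 * @return mixed true when the request is allowed or the image was marked;
 *               false when the filters file cannot be included; otherwise
 *               whatever ErrorImage() returns.
 */
function AntiOffsiteLinking() {
    $allow = true;

    // Read the header once, without relying on "@" to hide an undefined index.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    if ($allow && $this->config_nooffsitelink_enabled && ($referer || $this->config_nooffsitelink_require_refer)) {
        // NOTE(review): $referer is client-controlled text; confirm that wherever
        // DebugMessage() output is shown or stored it is escaped for that context.
        $this->DebugMessage('AntiOffsiteLinking() checking $_SERVER[HTTP_REFERER] "' . $referer . '"', __FILE__, __LINE__);

        foreach ($this->config_nooffsitelink_valid_domains as $key => $valid_domain) {
            // $_SERVER['HTTP_HOST'] contains the port number, so strip it out here to make default configuration work
            // NOTE(review): splitting on ':' also truncates a bracketed IPv6 literal.
            list($clean_domain) = explode(':', $valid_domain);
            $this->config_nooffsitelink_valid_domains[$key] = $clean_domain;
        }

        // parse_url() returns false for malformed input; treat that as "no host".
        $parsed_url   = parse_url($referer);
        $referer_host = (is_array($parsed_url) && isset($parsed_url['host'])) ? $parsed_url['host'] : null;
        $valid_list   = implode(';', $this->config_nooffsitelink_valid_domains);

        if (!phpthumb_functions::CaseInsensitiveInArray($referer_host, $this->config_nooffsitelink_valid_domains)) {
            $allow   = false;
            $erase   = $this->config_nooffsitelink_erase_image;
            $message = $this->config_nooffsitelink_text_message;
            // An ErrorImage()+exit pair used to sit here. It ended the request
            // before the configured erase/message/watermark handling could run,
            // made the DebugMessage() below unreachable, and rendered the whole
            // allow-list into the response sent to the rejected requester. The
            // detail now goes to the debug log only.
            $this->DebugMessage('AntiOffsiteLinking() - "' . $referer_host . '" is NOT in $this->config_nooffsitelink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        } else {
            $this->DebugMessage('AntiOffsiteLinking() - "' . $referer_host . '" is in $this->config_nooffsitelink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        }
    }

    // eregi() was removed in PHP 7; preg_match() with the "i" flag is the
    // equivalent case-insensitive test for an http/https/ftp/ftps scheme.
    if ($allow && $this->config_nohotlink_enabled && preg_match('#^(f|ht)tps?\\://#i', $this->src)) {
        $parsed_url = parse_url($this->src);
        $src_host   = (is_array($parsed_url) && isset($parsed_url['host'])) ? $parsed_url['host'] : null;
        $valid_list = implode(';', $this->config_nohotlink_valid_domains);

        // NOTE(review): the host compared here is the one parse_url() extracts;
        // whatever later fetches $this->src should resolve the same host - confirm.
        if (!phpthumb_functions::CaseInsensitiveInArray($src_host, $this->config_nohotlink_valid_domains)) {
            // This domain is not allowed
            $allow   = false;
            $erase   = $this->config_nohotlink_erase_image;
            $message = $this->config_nohotlink_text_message;
            $this->DebugMessage('AntiOffsiteLinking() - "' . $src_host . '" is NOT in $this->config_nohotlink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        } else {
            $this->DebugMessage('AntiOffsiteLinking() - "' . $src_host . '" is in $this->config_nohotlink_valid_domains (' . $valid_list . ')', __FILE__, __LINE__);
        }
    }

    if ($allow) {
        $this->DebugMessage('AntiOffsiteLinking() says this is allowed', __FILE__, __LINE__);
        return true;
    }

    // Both colours are needed below, so reject bad configuration up front.
    if (!phpthumb_functions::IsHexColor($this->config_error_bgcolor)) {
        return $this->ErrorImage('Invalid hex color string "' . $this->config_error_bgcolor . '" for $this->config_error_bgcolor');
    }
    if (!phpthumb_functions::IsHexColor($this->config_error_textcolor)) {
        return $this->ErrorImage('Invalid hex color string "' . $this->config_error_textcolor . '" for $this->config_error_textcolor');
    }

    if ($erase) {
        // Replace the thumbnail entirely with the policy message.
        return $this->ErrorImage($message, $this->thumbnail_width, $this->thumbnail_height, $this->config_error_bgcolor, $this->config_error_textcolor, $this->config_error_fontsize);
    }

    $this->config_nooffsitelink_watermark_src = $this->ResolveFilenameToAbsolute($this->config_nooffsitelink_watermark_src);
    if (is_file($this->config_nooffsitelink_watermark_src)) {
        // A watermark image is configured: overlay it instead of drawing text.
        if (!(include_once dirname(__FILE__) . '/phpthumb.filters.php')) {
            $this->DebugMessage('Error including "' . dirname(__FILE__) . '/phpthumb.filters.php" which is required for applying watermark', __FILE__, __LINE__);
            return false;
        }

        $watermark_img = $this->ImageCreateFromStringReplacement(file_get_contents($this->config_nooffsitelink_watermark_src));
        if ($watermark_img) {
            $phpthumbFilters = new phpthumb_filters();
            $phpthumbFilters->phpThumbObject = $this;
            $opacity = 50;
            $margin  = 5;
            $phpthumbFilters->WatermarkOverlay($this->gdimg_output, $watermark_img, '*', $opacity, $margin);
            ImageDestroy($watermark_img);
            unset($phpthumbFilters);
        } else {
            // An unreadable or undecodable watermark must not reach
            // WatermarkOverlay()/ImageDestroy() as a non-image value.
            $this->DebugMessage('AntiOffsiteLinking() could not load watermark image "' . $this->config_nooffsitelink_watermark_src . '"', __FILE__, __LINE__);
        }
    } else {
        // No watermark file: draw the message centred on top of the thumbnail.
        $font_width  = ImageFontWidth($this->config_error_fontsize);
        $font_height = ImageFontHeight($this->config_error_fontsize);

        $nohotlink_text_array = explode("\n", wordwrap($message, (int) floor($this->thumbnail_width / $font_width), "\n"));
        $nohotlink_text_color = phpthumb_functions::ImageHexColorAllocate($this->gdimg_output, $this->config_error_textcolor);

        $topoffset  = round(($this->thumbnail_height - count($nohotlink_text_array) * $font_height) / 2);
        $rowcounter = 0;

        $this->DebugMessage('AntiOffsiteLinking() writing ' . count($nohotlink_text_array) . ' lines of text "' . $message . '" (in #' . $this->config_error_textcolor . ') on top of image', __FILE__, __LINE__);
        foreach ($nohotlink_text_array as $textline) {
            $leftoffset = max(0, round(($this->thumbnail_width - strlen($textline) * $font_width) / 2));
            ImageString($this->gdimg_output, $this->config_error_fontsize, (int) $leftoffset, (int) ($topoffset + $rowcounter++ * $font_height), $textline, $nohotlink_text_color);
        }
    }

    return true;
}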