[ Index ] |
PHP Cross Reference of phpwcms V1.5.0 _r431 (28.01.12) |
[Summary view] [Print] [Text view]
1 <?php 2 /************************************************************************************* 3 Copyright notice 4 5 (c) 2002-2012 Oliver Georgi <oliver@phpwcms.de> // All rights reserved. 6 7 This script is part of PHPWCMS. The PHPWCMS web content management system is 8 free software; you can redistribute it and/or modify it under the terms of 9 the GNU General Public License as published by the Free Software Foundation; 10 either version 2 of the License, or (at your option) any later version. 11 12 The GNU General Public License can be found at http://www.gnu.org/copyleft/gpl.html 13 A copy is found in the textfile GPL.txt and important notices to the license 14 from the author is found in LICENSE.txt distributed with these scripts. 15 16 This script is distributed in the hope that it will be useful, but WITHOUT ANY 17 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A 18 PARTICULAR PURPOSE. See the GNU General Public License for more details. 19 20 This copyright notice MUST APPEAR in all copies of the script! 21 *************************************************************************************/ 22 23 24 $phpwcms = array(); 25 $root = rtrim(str_replace('\\', '/', realpath(dirname(__FILE__).'/../') ), '/').'/'; 26 require($root.'/config/phpwcms/conf.inc.php'); 27 require ($root.'/include/inc_lib/default.inc.php'); 28 require ($root.'/include/inc_lib/general.inc.php'); 29 require ($root.'/include/inc_lib/imagick.convert.inc.php'); 30 31 // get segments: cmsimage.php/%WIDTH%x%HEIGHT%x%CROP%x%QUALITY%/%HASH%.%EXT% 32 // by default this should be enough: cmsimage.php/%WIDTH%x%HEIGHT/%HASH%.%EXT% 33 $request_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : $_SERVER['PHP_SELF']; 34 35 // strip out PHPSESSNAME=... 36 if(session_id() && session_name()) { 37 // session expected at the end of REQUEST URI when added by PHP 38 $session_name_pos = strpos($request_uri, session_name().'='); 39 if($session_name_pos !== FALSE) { 40 $request_uri = trim(trim(mb_substr($request_uri, 0, $session_name_pos), '&'), '?'); 41 } 42 } 43 44 $query_separator = strpos($request_uri, 'cmsimage.php?') !== FALSE ? '?' : '/'; 45 $data = explode('cmsimage.php'.$query_separator, $request_uri, 2); 46 if(isset($data[1]) && !preg_match('/[^a-fgijpnxA-FGIJPN0-9\/\.]/', $data[1])) { 47 48 $data = explode('/', $data[1]); 49 50 // first check hashed data 51 if(isset($data[1])) { 52 53 $data[0] = preg_replace('/[^0-9x]/', '', $data[0]); 54 $data[1] = preg_replace('/[^a-fgijpn0-9\.]/i', '', $data[1]); 55 56 $value = array(); 57 58 $hash = cut_ext($data[1]); 59 $ext = which_ext($data[1]); 60 61 if(is_numeric($hash)) { 62 63 @session_start(); 64 $file_public = empty($_SESSION["wcs_user_id"]) ? 'f_public=1' : '(f_public=1 OR f_uid='.intval($_SESSION["wcs_user_id"]).')'; 65 66 require_once (PHPWCMS_ROOT.'/include/inc_lib/dbcon.inc.php'); 67 68 $sql = 'SELECT f_hash, f_ext FROM '.DB_PREPEND.'phpwcms_file WHERE '; 69 $sql .= 'f_id='.intval($hash)." AND "; 70 if(substr($phpwcms['image_library'], 0, 2) == 'gd') { 71 $sql .= "f_ext IN ('jpg','jpeg','png','gif','bmp') AND "; 72 } 73 $sql .= 'f_trash=0 AND f_aktiv=1 AND '.$file_public; 74 $hash = _dbQuery($sql); 75 if(isset($hash[0]['f_hash'])) { 76 $ext = $hash[0]['f_ext']; 77 $hash = $hash[0]['f_hash']; 78 } else { 79 $hash = ''; 80 $ext = ''; 81 } 82 83 } elseif($hash && strlen($hash) == 32 && $ext && !is_file(PHPWCMS_ROOT.'/'.PHPWCMS_FILES.$hash.'.'.$ext)) { 84 85 @session_start(); 86 $file_public = empty($_SESSION["wcs_user_id"]) ? 'f_public=1' : '(f_public=1 OR f_uid='.intval($_SESSION["wcs_user_id"]).')'; 87 88 require_once (PHPWCMS_ROOT.'/include/inc_lib/dbcon.inc.php'); 89 90 $sql = 'SELECT f_hash, f_ext FROM '.DB_PREPEND.'phpwcms_file WHERE '; 91 $sql .= 'f_hash='._dbEscape($hash)." AND "; 92 if(substr($phpwcms['image_library'], 0, 2) == 'gd') { 93 $sql .= "f_ext IN ('jpg','jpeg','png','gif','bmp') AND "; 94 } 95 $sql .= 'f_trash=0 AND f_aktiv=1 AND '.$file_public; 96 $hash = _dbQuery($sql); 97 if(isset($hash[0]['f_hash'])) { 98 $ext = $hash[0]['f_ext']; 99 $hash = $hash[0]['f_hash']; 100 } else { 101 $hash = ''; 102 $ext = ''; 103 } 104 105 } 106 107 if($hash && strlen($hash) == 32 && $ext) { 108 109 $attribute = explode('x', $data[0]); 110 $width = intval($attribute[0]); 111 $height = isset($attribute[1]) ? intval($attribute[1]) : 0; 112 $crop = isset($attribute[2]) ? (intval($attribute[2]) ? 1 : 0) : 0; 113 114 // quality 115 if(isset($attribute[3]) && ($quality = intval($attribute[3])) ) { 116 if($quality < 10 || $quality > 100) { 117 $quality = ''; 118 } else { 119 $value['jpg_quality'] = $quality; 120 } 121 } else { 122 $quality = ''; 123 } 124 125 $value["max_width"] = $width ? $width : ''; 126 $value["max_height"] = $height ? $height : ''; 127 $value['target_ext'] = $ext; 128 $value['image_name'] = $hash . '.' . $ext; 129 $value['thumb_name'] = md5($hash.$value["max_width"].$value["max_height"].$phpwcms['sharpen_level'].$crop.$quality); 130 $value['crop_image'] = $crop; 131 132 $image = get_cached_image( $value, false, false ); 133 134 if(!empty($image[0])) { 135 headerRedirect(PHPWCMS_URL.PHPWCMS_IMAGES.$image[0], 301); 136 } 137 138 } 139 140 } 141 142 } 143 144 // something did not work - redirect to transparent pixel image 145 headerRedirect(PHPWCMS_URL.'img/leer.gif', 301); 146 147 148 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Sun Jan 29 16:31:14 2012 | Cross-referenced by PHPXref 0.7.1 |