]> git.immae.eu Git - github/wallabag/wallabag.git/blob - inc/poche/pochePictures.php
Merge branch 'fix/securityAllowedActions' into dev
[github/wallabag/wallabag.git] / inc / poche / pochePictures.php
1 <?php
2 /**
3 * wallabag, self hostable application allowing you to not miss any content anymore
4 *
5 * @category wallabag
6 * @author Nicolas LÅ“uillet <nicolas@loeuillet.org>
7 * @copyright 2013
8 * @license http://opensource.org/licenses/MIT see COPYING file
9 */
10
11
12 final class Picture
13 {
14 /**
15 * Changing pictures URL in article content
16 */
17 public static function filterPicture($content, $url, $id)
18 {
19 $matches = array();
20 $processing_pictures = array(); // list of processing image to avoid processing the same pictures twice
21 preg_match_all('#<\s*(img)[^>]+src="([^"]*)"[^>]*>#Si', $content, $matches, PREG_SET_ORDER);
22 foreach($matches as $i => $link) {
23 $link[1] = trim($link[1]);
24 if (!preg_match('#^(([a-z]+://)|(\#))#', $link[1])) {
25 $absolute_path = self::_getAbsoluteLink($link[2], $url);
26 $filename = basename(parse_url($absolute_path, PHP_URL_PATH));
27 $directory = self::_createAssetsDirectory($id);
28 $fullpath = $directory . '/' . $filename;
29
30 if (in_array($absolute_path, $processing_pictures) === true) {
31 // replace picture's URL only if processing is OK : already processing -> go to next picture
32 continue;
33 }
34
35 if (self::_downloadPictures($absolute_path, $fullpath) === true) {
36 $content = str_replace($matches[$i][2], $fullpath, $content);
37 }
38
39 $processing_pictures[] = $absolute_path;
40 }
41 }
42
43 return $content;
44 }
45
46 /**
47 * Get absolute URL
48 */
49 private static function _getAbsoluteLink($relativeLink, $url)
50 {
51 /* return if already absolute URL */
52 if (parse_url($relativeLink, PHP_URL_SCHEME) != '') return $relativeLink;
53
54 /* queries and anchors */
55 if ($relativeLink[0]=='#' || $relativeLink[0]=='?') return $url . $relativeLink;
56
57 /* parse base URL and convert to local variables:
58 $scheme, $host, $path */
59 extract(parse_url($url));
60
61 /* remove non-directory element from path */
62 $path = preg_replace('#/[^/]*$#', '', $path);
63
64 /* destroy path if relative url points to root */
65 if ($relativeLink[0] == '/') $path = '';
66
67 /* dirty absolute URL */
68 $abs = $host . $path . '/' . $relativeLink;
69
70 /* replace '//' or '/./' or '/foo/../' with '/' */
71 $re = array('#(/\.?/)#', '#/(?!\.\.)[^/]+/\.\./#');
72 for($n=1; $n>0; $abs=preg_replace($re, '/', $abs, -1, $n)) {}
73
74 /* absolute URL is ready! */
75 return $scheme.'://'.$abs;
76 }
77
78 /**
79 * Downloading pictures
80 *
81 * @return bool true if the download and processing is OK, false else
82 */
83 private static function _downloadPictures($absolute_path, $fullpath)
84 {
85 $rawdata = Tools::getFile($absolute_path);
86 $fullpath = urldecode($fullpath);
87
88 if(file_exists($fullpath)) {
89 unlink($fullpath);
90 }
91
92 // check extension
93 $file_ext = strrchr($fullpath, '.');
94 $whitelist = array(".jpg",".jpeg",".gif",".png");
95 if (!(in_array($file_ext, $whitelist))) {
96 Tools::logm('processed image with not allowed extension. Skipping ' . $fullpath);
97 return false;
98 }
99
100 // check headers
101 $imageinfo = getimagesize($absolute_path);
102 if ($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg'&& $imageinfo['mime'] != 'image/jpg'&& $imageinfo['mime'] != 'image/png') {
103 Tools::logm('processed image with bad header. Skipping ' . $fullpath);
104 return false;
105 }
106
107 // regenerate image
108 $im = imagecreatefromstring($rawdata);
109 if ($im === false) {
110 Tools::logm('error while regenerating image ' . $fullpath);
111 return false;
112 }
113
114 switch ($imageinfo['mime']) {
115 case 'image/gif':
116 $result = imagegif($im, $fullpath);
117 break;
118 case 'image/jpeg':
119 case 'image/jpg':
120 $result = imagejpeg($im, $fullpath, REGENERATE_PICTURES_QUALITY);
121 break;
122 case 'image/png':
123 $result = imagepng($im, $fullpath, ceil(REGENERATE_PICTURES_QUALITY / 100 * 9));
124 break;
125 }
126 imagedestroy($im);
127
128 return $result;
129 }
130
131 /**
132 * Create a directory for an article
133 *
134 * @param $id ID of the article
135 * @return string
136 */
137 private static function _createAssetsDirectory($id)
138 {
139 $assets_path = ABS_PATH;
140 if (!is_dir($assets_path)) {
141 mkdir($assets_path, 0715);
142 }
143
144 $article_directory = $assets_path . $id;
145 if (!is_dir($article_directory)) {
146 mkdir($article_directory, 0715);
147 }
148
149 return $article_directory;
150 }
151
152 /**
153 * Remove the directory
154 *
155 * @param $directory
156 * @return bool
157 */
158 public static function removeDirectory($directory)
159 {
160 if (is_dir($directory)) {
161 $files = array_diff(scandir($directory), array('.','..'));
162 foreach ($files as $file) {
163 (is_dir("$directory/$file")) ? self::removeDirectory("$directory/$file") : unlink("$directory/$file");
164 }
165 return rmdir($directory);
166 }
167 }
168 }