diff options
Diffstat (limited to 'inc')
-rw-r--r-- | inc/poche/pochePictures.php | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/inc/poche/pochePictures.php b/inc/poche/pochePictures.php index a11340f8..f10cc25e 100644 --- a/inc/poche/pochePictures.php +++ b/inc/poche/pochePictures.php | |||
@@ -73,9 +73,39 @@ function download_pictures($absolute_path, $fullpath) | |||
73 | if(file_exists($fullpath)) { | 73 | if(file_exists($fullpath)) { |
74 | unlink($fullpath); | 74 | unlink($fullpath); |
75 | } | 75 | } |
76 | $fp = fopen($fullpath, 'x'); | 76 | |
77 | fwrite($fp, $rawdata); | 77 | // check extension |
78 | fclose($fp); | 78 | $file_ext = strrchr($fullpath, '.'); |
79 | $whitelist = array(".jpg",".jpeg",".gif",".png"); | ||
80 | if (!(in_array($file_ext, $whitelist))) { | ||
81 | Tools::logm('processed image with not allowed extension. Skipping ' . $fullpath); | ||
82 | } else { | ||
83 | // check headers | ||
84 | $imageinfo = getimagesize($absolute_path); | ||
85 | if ($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg'&& $imageinfo['mime'] != 'image/jpg'&& $imageinfo['mime'] != 'image/png') { | ||
86 | Tools::logm('processed image with bad header. Skipping ' . $fullpath); | ||
87 | } else { | ||
88 | // regenerate image | ||
89 | $im = imagecreatefromstring($rawdata); | ||
90 | if ($im) { | ||
91 | switch ($imageinfo['mime']) { | ||
92 | case 'image/gif': | ||
93 | imagegif($im, $fullpath); | ||
94 | break; | ||
95 | case 'image/jpeg': | ||
96 | case 'image/jpg': | ||
97 | imagejpeg($im, $fullpath); // default quality is 75% | ||
98 | break; | ||
99 | case 'image/png': | ||
100 | imagepng($im, $fullpath); | ||
101 | break; | ||
102 | } | ||
103 | imagedestroy($im); | ||
104 | } else { | ||
105 | Tools::logm('error while regenerating image ' . $fullpath); | ||
106 | } | ||
107 | } | ||
108 | } | ||
79 | } | 109 | } |
80 | 110 | ||
81 | /** | 111 | /** |