Fixed bug #12341: Image generation broken with PHPs safe_mode activated and GraphicsM...
[Packages/TYPO3.CMS.git] / t3lib / thumbs.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Generates a thumbnail and returns an image stream, either GIF/PNG or JPG
29 *
30 * $Id$
31 * Revised for TYPO3 3.6 July/2003 by Kasper Skaarhoj
32 *
33 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
34 */
35 /**
36 * [CLASS/FUNCTION INDEX of SCRIPT]
37 *
38 *
39 *
40 * 113: class SC_t3lib_thumbs
41 * 134: function init()
42 * 164: function main()
43 *
44 * SECTION: OTHER FUNCTIONS:
45 * 267: function errorGif($l1,$l2,$l3)
46 * 319: function fontGif($font)
47 * 366: function wrapFileName($inputName)
48 *
49 * TOTAL FUNCTIONS: 5
50 * (This index is automatically created/updated by the extension "extdeveval")
51 *
52 */
53
54
55 // *******************************
56 // Set error reporting
57 // *******************************
58 if (defined('E_DEPRECATED')) {
59 error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED);
60 } else {
61 error_reporting(E_ALL ^ E_NOTICE);
62 }
63
64
65
66 // ******************
67 // Constants defined
68 // ******************
69 define('TYPO3_OS', stristr(PHP_OS,'win')&&!stristr(PHP_OS,'darwin')?'WIN':'');
70 define('TYPO3_MODE','BE');
71 if(!defined('PATH_thisScript')) define('PATH_thisScript',str_replace('//','/', str_replace('\\','/', (php_sapi_name()=='cgi'||php_sapi_name()=='isapi' ||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED'])? ($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED']):($_SERVER['ORIG_SCRIPT_FILENAME']?$_SERVER['ORIG_SCRIPT_FILENAME']:$_SERVER['SCRIPT_FILENAME']))));
72 if(!defined('PATH_site')) define('PATH_site', preg_replace('/[^\/]*.[^\/]*$/','',PATH_thisScript)); // the path to the website folder (see init.php)
73 if(!defined('PATH_t3lib')) define('PATH_t3lib', PATH_site.'t3lib/');
74 define('PATH_typo3conf', PATH_site.'typo3conf/');
75 define('TYPO3_mainDir', 'typo3/'); // This is the directory of the backend administration for the sites of this TYPO3 installation.
76 define('PATH_typo3', PATH_site.TYPO3_mainDir);
77
78
79 // ******************
80 // Including config
81 // ******************
82 require_once(PATH_t3lib.'class.t3lib_div.php');
83 require_once(PATH_t3lib.'class.t3lib_extmgm.php');
84
85 require(PATH_t3lib.'config_default.php');
86 if (!defined ('TYPO3_db')) die ('The configuration file was not included.');
87 if (!$TYPO3_CONF_VARS['GFX']['image_processing']) die ('ImageProcessing was disabled!');
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105 /**
106 * Class for generating a thumbnail from the input parameters given to the script
107 *
108 * Input GET var, &file: relative or absolute reference to an imagefile. WILL be validated against PATH_site / lockRootPath
109 * Input GET var, &size: integer-values defining size of thumbnail, format '[int]' or '[int]x[int]'
110 *
111 * Relative paths MUST BE the first two characters ONLY: eg: '../dir/file.gif', otherwise it is expect to be absolute
112 *
113 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
114 * @package TYPO3
115 * @subpackage t3lib
116 */
117 class SC_t3lib_thumbs {
118 var $include_once = array();
119
120 var $outdir = 'typo3temp/'; // The output directory of temporary files in PATH_site
121 var $output = '';
122 var $sizeDefault='56x56';
123
124 var $imageList; // Coming from $TYPO3_CONF_VARS['GFX']['imagefile_ext']
125 var $input; // Contains the absolute path to the file for which to make a thumbnail (after init())
126
127 // Internal, static: GPvar:
128 var $file; // Holds the input filename (GET: file)
129 var $size; // Holds the input size (GET: size)
130 var $mtime = 0; // Last modification time of the supplied file
131
132
133 /**
134 * Initialize; reading parameters with GPvar and checking file path
135 * Results in internal var, $this->input, being set to the absolute path of the file for which to make the thumbnail.
136 *
137 * @return void
138 */
139 function init() {
140 global $TYPO3_CONF_VARS;
141
142 // Setting GPvars:
143 $file = t3lib_div::_GP('file');
144 $size = t3lib_div::_GP('size');
145 $md5sum = t3lib_div::_GP('md5sum');
146
147 // Image extension list is set:
148 $this->imageList = $TYPO3_CONF_VARS['GFX']['imagefile_ext']; // valid extensions. OBS: No spaces in the list, all lowercase...
149
150 // If the filereference $this->file is relative, we correct the path
151 if (substr($file,0,3)=='../') {
152 $file = PATH_site.substr($file,3);
153 }
154
155 // Now the path is absolute.
156 // Checking for backpath and double slashes + the thumbnail can be made from files which are in the PATH_site OR the lockRootPath only!
157 if (t3lib_div::isAllowedAbsPath($file)) {
158 $mtime = filemtime($file);
159 }
160
161 // Do an MD5 check to prevent viewing of images without permission
162 $OK = FALSE;
163 if ($mtime) {
164 // Always use the absolute path for this check!
165 $check = basename($file).':'.$mtime.':'.$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
166 $md5_real = t3lib_div::shortMD5($check);
167 if (!strcmp($md5_real,$md5sum)) {
168 $OK = TRUE;
169 }
170 }
171
172 if ($OK) {
173 $this->input = $file;
174 $this->size = $size;
175 $this->mtime = $mtime;
176 } else {
177 die('Error: Image does not exist and/or MD5 checksum did not match.');
178 }
179 }
180
181 /**
182 * Create the thumbnail
183 * Will exit before return if all is well.
184 *
185 * @return void
186 */
187 function main() {
188 global $TYPO3_CONF_VARS;
189
190 // If file exists, we make a thumbsnail of the file.
191 if ($this->input && file_exists($this->input)) {
192
193 // Check file extension:
194 $reg = array();
195 if (preg_match('/(.*)\.([^\.]*$)/',$this->input,$reg)) {
196 $ext=strtolower($reg[2]);
197 $ext=($ext=='jpeg')?'jpg':$ext;
198 if ($ext=='ttf') {
199 $this->fontGif($this->input); // Make font preview... (will not return)
200 } elseif (!t3lib_div::inList($this->imageList, $ext)) {
201 $this->errorGif('Not imagefile!',$ext,basename($this->input));
202 }
203 } else {
204 $this->errorGif('Not imagefile!','No ext!',basename($this->input));
205 }
206
207 // ... so we passed the extension test meaning that we are going to make a thumbnail here:
208 if (!$this->size) $this->size = $this->sizeDefault; // default
209
210 // I added extra check, so that the size input option could not be fooled to pass other values. That means the value is exploded, evaluated to an integer and the imploded to [value]x[value]. Furthermore you can specify: size=340 and it'll be translated to 340x340.
211 $sizeParts = explode('x', $this->size.'x'.$this->size); // explodes the input size (and if no "x" is found this will add size again so it is the same for both dimensions)
212 $sizeParts = array(t3lib_div::intInRange($sizeParts[0],1,1000),t3lib_div::intInRange($sizeParts[1],1,1000)); // Cleaning it up, only two parameters now.
213 $this->size = implode('x',$sizeParts); // Imploding the cleaned size-value back to the internal variable
214 $sizeMax = max($sizeParts); // Getting max value
215
216 // Init
217 $outpath = PATH_site.$this->outdir;
218
219 // Should be - ? 'png' : 'gif' - , but doesn't work (ImageMagick prob.?)
220 // René: png work for me
221 $thmMode = t3lib_div::intInRange($TYPO3_CONF_VARS['GFX']['thumbnails_png'],0);
222 $outext = ($ext!='jpg' || ($thmMode & 2)) ? ($thmMode & 1 ? 'png' : 'gif') : 'jpg';
223
224 $outfile = 'tmb_'.substr(md5($this->input.$this->mtime.$this->size),0,10).'.'.$outext;
225 $this->output = $outpath.$outfile;
226
227 if ($TYPO3_CONF_VARS['GFX']['im']) {
228 // If thumbnail does not exist, we generate it
229 if (!file_exists($this->output)) {
230 /* if (strstr($this->input,' ') || strstr($this->output,' ')) {
231 $this->errorGif('Spaces in','filepath',basename($this->input));
232 }
233 */ // 16 colors for small (56) thumbs, 64 for bigger and all for jpegs
234 if ($outext=='jpg') {
235 $colors = '';
236 } else {
237 $colors = ($sizeMax>56)?'-colors 64':'-colors 16';
238 }
239 $parameters = '-sample '.$this->size.' '.$colors.' '.$this->wrapFileName($this->input).'[0] '.$this->wrapFileName($this->output);
240 $cmd = t3lib_div::imageMagickCommand('convert', $parameters);
241 exec($cmd);
242 if (!file_exists($this->output)) {
243 $this->errorGif('No thumb','generated!',basename($this->input));
244 }
245 }
246 // The thumbnail is read and output to the browser
247 if($fd = @fopen($this->output,'rb')) {
248 header('Content-type: image/'.$outext);
249 fpassthru($fd);
250 fclose($fd);
251 } else {
252 $this->errorGif('Read problem!','',$this->output);
253 }
254 } else exit;
255 } else {
256 $this->errorGif('No valid','inputfile!',basename($this->input));
257 }
258 }
259
260
261
262
263
264
265
266
267
268
269
270 /***************************
271 *
272 * OTHER FUNCTIONS:
273 *
274 ***************************/
275
276 /**
277 * Creates error image based on gfx/notfound_thumb.png
278 * Requires GD lib enabled, otherwise it will exit with the three textstrings outputted as text.
279 * Outputs the image stream to browser and exits!
280 *
281 * @param string Text line 1
282 * @param string Text line 2
283 * @param string Text line 3
284 * @return void
285 */
286 function errorGif($l1,$l2,$l3) {
287 global $TYPO3_CONF_VARS;
288
289 if (!$TYPO3_CONF_VARS['GFX']['gdlib']) die($l1.' '.$l2.' '.$l3);
290
291 // Creates the basis for the error image
292 if ($TYPO3_CONF_VARS['GFX']['gdlib_png']) {
293 header('Content-type: image/png');
294 $im = imagecreatefrompng(PATH_typo3.'gfx/notfound_thumb.png');
295 } else {
296 header('Content-type: image/gif');
297 $im = imagecreatefromgif(PATH_typo3.'gfx/notfound_thumb.gif');
298 }
299 // Sets background color and print color.
300 $white = imageColorAllocate($im, 0,0,0);
301 $black = imageColorAllocate($im, 255,255,0);
302
303 // Prints the text strings with the build-in font functions of GD
304 $x=0;
305 $font=0;
306 if ($l1) {
307 imagefilledrectangle($im, $x, 9, 56, 16, $black);
308 imageString($im,$font,$x,9,$l1,$white);
309 }
310 if ($l2) {
311 imagefilledrectangle($im, $x, 19, 56, 26, $black);
312 imageString($im,$font,$x,19,$l2,$white);
313 }
314 if ($l3) {
315 imagefilledrectangle($im, $x, 29, 56, 36, $black);
316 imageString($im,$font,$x,29,substr($l3,-14),$white);
317 }
318
319 // Outputting the image stream and exit
320 if ($TYPO3_CONF_VARS['GFX']['gdlib_png']) {
321 imagePng($im);
322 } else {
323 imageGif($im);
324 }
325 imagedestroy($im);
326 exit;
327 }
328
329 /**
330 * Creates a font-preview thumbnail.
331 * This means a PNG/GIF file with the text "AaBbCc...." set with the font-file given as input and in various sizes to show how the font looks
332 * Requires GD lib enabled.
333 * Outputs the image stream to browser and exits!
334 *
335 * @param string The filepath to the font file (absolute, probably)
336 * @return void
337 */
338 function fontGif($font) {
339 global $TYPO3_CONF_VARS;
340
341 if (!$TYPO3_CONF_VARS['GFX']['gdlib']) die('');
342
343 // Create image and set background color to white.
344 $im = imageCreate(250,76);
345 $white = imageColorAllocate($im, 255,255,255);
346 $col = imageColorAllocate($im, 0,0,0);
347
348 // The test string and offset in x-axis.
349 $string = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZzÆæØøÅåÄäÖöÜüß';
350 $x=13;
351
352 // Print (with non-ttf font) the size displayed
353 imagestring ($im, 1, 0, 2, '10', $col);
354 imagestring ($im, 1, 0, 15, '12', $col);
355 imagestring ($im, 1, 0, 30, '14', $col);
356 imagestring ($im, 1, 0, 47, '18', $col);
357 imagestring ($im, 1, 0, 68, '24', $col);
358
359 // Print with ttf-font the test string
360 imagettftext ($im, t3lib_div::freetypeDpiComp(10), 0, $x, 8, $col, $font, $string);
361 imagettftext ($im, t3lib_div::freetypeDpiComp(12), 0, $x, 21, $col, $font, $string);
362 imagettftext ($im, t3lib_div::freetypeDpiComp(14), 0, $x, 36, $col, $font, $string);
363 imagettftext ($im, t3lib_div::freetypeDpiComp(18), 0, $x, 53, $col, $font, $string);
364 imagettftext ($im, t3lib_div::freetypeDpiComp(24), 0, $x, 74, $col, $font, $string);
365
366 // Output PNG or GIF based on $TYPO3_CONF_VARS['GFX']['gdlib_png']
367 if ($TYPO3_CONF_VARS['GFX']['gdlib_png']) {
368 header('Content-type: image/png');
369 imagePng($im);
370 } else {
371 header('Content-type: image/gif');
372 imageGif($im);
373 }
374 imagedestroy($im);
375 exit;
376 }
377
378 /**
379 * Escapes a file name so it can safely be used on the command line.
380 *
381 * @param string $inputName filename to safeguard, must not be empty
382 *
383 * @return string $inputName escaped as needed
384 */
385 protected function wrapFileName($inputName) {
386 return escapeshellarg($inputName);
387 }
388 }
389
390 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/thumbs.php']) {
391 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/thumbs.php']);
392 }
393
394
395
396
397 // Make instance:
398 $SOBE = t3lib_div::makeInstance('SC_t3lib_thumbs');
399 $SOBE->init();
400 $SOBE->main();
401
402 ?>