Gazelle/sections/image/index.php

<?
if (!check_perms('site_proxy_images')) {
	img_error('forbidden');
}

$URL = isset($_GET['i']) ? htmlspecialchars_decode($_GET['i']) : null;

if (!extension_loaded('openssl') && strtoupper($URL[4]) == 'S') {
	img_error('badprotocol');
}

if (!preg_match('/^'.IMAGE_REGEX.'/is', $URL, $Matches)) {
	img_error('invalid');
}

if (isset($_GET['c'])) {
	list($Data, $FileType) = $Cache->get_value('image_cache_'.md5($URL));
	$Cached = true;
}
if (!isset($Data) || !$Data) {
	$Cached = false;
	$Data = @file_get_contents($URL, 0, stream_context_create(array('http' => array('timeout' => 15))));
	if (!$Data || empty($Data)) {
		img_error('timeout');
	}
	$FileType = image_type($Data);
	if ($FileType && function_exists("imagecreatefrom$FileType")) {
		$Image = imagecreatefromstring($Data);
		if (invisible($Image)) {
			img_error('invisible');
		}
		if (verysmall($Image)) {
			img_error('small');
		}
	}

	if (isset($_GET['c']) && strlen($Data) < 262144) {
		$Cache->cache_value('image_cache_'.md5($URL), array($Data, $FileType), 3600 * 24 * 7);
	}
}
// Reset avatar, add mod note
function reset_image($UserID, $Type, $AdminComment, $PrivMessage) {
	if ($Type === 'avatar') {
		$CacheKey = "user_info_$UserID";
		$DBTable = 'users_info';
		$DBColumn = 'Avatar';
		$PMSubject = 'Your avatar has been automatically reset';
	} elseif ($Type === 'avatar2') {
		$CacheKey = "donor_info_$UserID";
		$DBTable = 'donor_rewards';
		$DBColumn = 'SecondAvatar';
		$PMSubject = 'Your second avatar has been automatically reset';
	} elseif ($Type === 'donoricon') {
		$CacheKey = "donor_info_$UserID";
		$DBTable = 'donor_rewards';
		$DBColumn = 'CustomIcon';
		$PMSubject = 'Your donor icon has been automatically reset';
	}

	$UserInfo = G::$Cache->get_value($CacheKey, true);
	if ($UserInfo !== false) {
		if ($UserInfo[$DBColumn] === '') {
			// This image has already been reset
			return;
		}
		$UserInfo[$DBColumn] = '';
		G::$Cache->cache_value($CacheKey, $UserInfo, 2592000); // cache for 30 days
	}

	// reset the avatar or donor icon URL
	G::$DB->query("
		UPDATE $DBTable
		SET $DBColumn = ''
		WHERE UserID = '$UserID'");

	// write comment to staff notes
	G::$DB->query("
		UPDATE users_info
		SET AdminComment = CONCAT('".sqltime().' - '.db_string($AdminComment)."\n\n', AdminComment)
		WHERE UserID = '$UserID'");

	// clear cache keys
	G::$Cache->delete_value($CacheKey);

	Misc::send_pm($UserID, 0, $PMSubject, $PrivMessage);
}

// Enforce avatar rules
if (isset($_GET['type']) && isset($_GET['userid'])) {
	$ValidTypes = array('avatar', 'avatar2', 'donoricon');
	if (!is_number($_GET['userid']) || !in_array($_GET['type'], $ValidTypes)) {
		die();
	}
	$UserID = $_GET['userid'];
	$Type = $_GET['type'];

	if ($Type === 'avatar' || $Type === 'avatar2') {
		$MaxFileSize = 256 * 1024; // 256 kB
		$MaxImageHeight = 400; // pixels
		$TypeName = $Type === 'avatar' ? 'avatar' : 'second avatar';
	} elseif ($Type === 'donoricon') {
		$MaxFileSize = 64 * 1024; // 64 kB
		$MaxImageHeight = 100; // pixels
		$TypeName = 'donor icon';
	}

	$Height = image_height($FileType, $Data);
	if (strlen($Data) > $MaxFileSize || $Height > $MaxImageHeight) {
		// Sometimes the cached image we have isn't the actual image
		if ($Cached) {
			$Data2 = @file_get_contents($URL, 0, stream_context_create(array('http' => array('timeout' => 15))));
		} else {
			$Data2 = $Data;
		}

		if (strlen($Data2) > $MaxFileSize || image_height($FileType, $Data2) > $MaxImageHeight) {
			require_once(SERVER_ROOT.'/classes/mysql.class.php');
			require_once(SERVER_ROOT.'/classes/time.class.php');
			$DBURL = db_string($URL);
			$AdminComment = ucfirst($TypeName)." reset automatically (Size: ".number_format((strlen($Data)) / 1024)." kB, Height: ".$Height."px). Used to be $DBURL";
			$PrivMessage = SITE_NAME." has the following requirements for {$TypeName}s:\n\n".
				"[b]".ucfirst($TypeName)."s must not exceed ".($MaxFileSize / 1024)." kB or be vertically longer than {$MaxImageHeight}px.[/b]\n\n".
				"Your $TypeName at $DBURL has been found to exceed these rules. As such, it has been automatically reset. You are welcome to reinstate your $TypeName once it has been resized down to an acceptable size.";
			reset_image($UserID, $Type, $AdminComment, $PrivMessage);
		}
	}
}

if (!isset($FileType)) {
	img_error('timeout');
}

header("Content-type: image/$FileType");
echo $Data;
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`<?`
Empty commit 2013-05-04 08:00:48 +00:00			`if (!check_perms('site_proxy_images')) {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('forbidden');`
Empty commit 2013-05-04 08:00:48 +00:00			`}`
Empty commit 2014-04-25 08:00:52 +00:00
Empty commit 2011-08-27 08:00:05 +00:00			`$URL = isset($_GET['i']) ? htmlspecialchars_decode($_GET['i']) : null;`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00
Empty commit 2013-05-04 08:00:48 +00:00			`if (!extension_loaded('openssl') && strtoupper($URL[4]) == 'S') {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('badprotocol');`
Empty commit 2013-05-04 08:00:48 +00:00			`}`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00
Empty commit 2013-10-22 08:01:07 +00:00			`if (!preg_match('/^'.IMAGE_REGEX.'/is', $URL, $Matches)) {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('invalid');`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`

Empty commit 2013-05-04 08:00:48 +00:00			`if (isset($_GET['c'])) {`
Empty commit 2013-10-23 08:01:03 +00:00			`list($Data, $FileType) = $Cache->get_value('image_cache_'.md5($URL));`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`$Cached = true;`
			`}`
Empty commit 2013-05-04 08:00:48 +00:00			`if (!isset($Data) \|\| !$Data) {`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`$Cached = false;`
Empty commit 2013-10-22 08:01:07 +00:00			`$Data = @file_get_contents($URL, 0, stream_context_create(array('http' => array('timeout' => 15))));`
Empty commit 2013-05-04 08:00:48 +00:00			`if (!$Data \|\| empty($Data)) {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('timeout');`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`
Empty commit 2013-10-23 08:01:03 +00:00			`$FileType = image_type($Data);`
			`if ($FileType && function_exists("imagecreatefrom$FileType")) {`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`$Image = imagecreatefromstring($Data);`
Empty commit 2013-05-04 08:00:48 +00:00			`if (invisible($Image)) {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('invisible');`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`
Empty commit 2013-05-04 08:00:48 +00:00			`if (verysmall($Image)) {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('small');`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`
			`}`
10 changes from Fri Sep 9 18:31:41 2011 +0200 to Fri Sep 9 22:33:05 2011 +0200 Make sure Trim trailing spaces Fixes http://what.cd/forums.php?action=viewthread&threadid=101865&postid=3478072#post3478072 Trimmed trailing whitespace Treats IP search as if they begin with a \| Sorts the Assign To box in staff pms alphabetically. Enable any/all option for tags in request filter Minor tweaks Show all used filters in the sphinx debug table Better detection of jpeg in image.php 2011-09-10 08:00:10 +00:00
Empty commit 2013-04-19 08:00:55 +00:00			`if (isset($_GET['c']) && strlen($Data) < 262144) {`
Empty commit 2013-10-23 08:01:03 +00:00			`$Cache->cache_value('image_cache_'.md5($URL), array($Data, $FileType), 3600 * 24 * 7);`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`
			`}`
Empty commit 2013-10-23 08:01:03 +00:00			`// Reset avatar, add mod note`
			`function reset_image($UserID, $Type, $AdminComment, $PrivMessage) {`
			`if ($Type === 'avatar') {`
			`$CacheKey = "user_info_$UserID";`
			`$DBTable = 'users_info';`
Empty commit 2014-01-30 08:02:17 +00:00			`$DBColumn = 'Avatar';`
Empty commit 2013-10-23 08:01:03 +00:00			`$PMSubject = 'Your avatar has been automatically reset';`
			`} elseif ($Type === 'avatar2') {`
			`$CacheKey = "donor_info_$UserID";`
			`$DBTable = 'donor_rewards';`
Empty commit 2014-01-30 08:02:17 +00:00			`$DBColumn = 'SecondAvatar';`
Empty commit 2013-10-23 08:01:03 +00:00			`$PMSubject = 'Your second avatar has been automatically reset';`
			`} elseif ($Type === 'donoricon') {`
			`$CacheKey = "donor_info_$UserID";`
			`$DBTable = 'donor_rewards';`
Empty commit 2014-01-30 08:02:17 +00:00			`$DBColumn = 'CustomIcon';`
Empty commit 2013-10-23 08:01:03 +00:00			`$PMSubject = 'Your donor icon has been automatically reset';`
			`}`

			`$UserInfo = G::$Cache->get_value($CacheKey, true);`
			`if ($UserInfo !== false) {`
			`if ($UserInfo[$DBColumn] === '') {`
			`// This image has already been reset`
			`return;`
			`}`
			`$UserInfo[$DBColumn] = '';`
			`G::$Cache->cache_value($CacheKey, $UserInfo, 2592000); // cache for 30 days`
			`}`

			`// reset the avatar or donor icon URL`
			`G::$DB->query("`
			`UPDATE $DBTable`
			`SET $DBColumn = ''`
			`WHERE UserID = '$UserID'");`

			`// write comment to staff notes`
			`G::$DB->query("`
			`UPDATE users_info`
			`SET AdminComment = CONCAT('".sqltime().' - '.db_string($AdminComment)."\n\n', AdminComment)`
			`WHERE UserID = '$UserID'");`

			`// clear cache keys`
			`G::$Cache->delete_value($CacheKey);`

			`Misc::send_pm($UserID, 0, $PMSubject, $PrivMessage);`
			`}`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00
			`// Enforce avatar rules`
Empty commit 2013-10-23 08:01:03 +00:00			`if (isset($_GET['type']) && isset($_GET['userid'])) {`
			`$ValidTypes = array('avatar', 'avatar2', 'donoricon');`
			`if (!is_number($_GET['userid']) \|\| !in_array($_GET['type'], $ValidTypes)) {`
Empty commit 2013-05-04 08:00:48 +00:00			`die();`
			`}`
Empty commit 2013-10-23 08:01:03 +00:00			`$UserID = $_GET['userid'];`
			`$Type = $_GET['type'];`

			`if ($Type === 'avatar' \|\| $Type === 'avatar2') {`
			`$MaxFileSize = 256 * 1024; // 256 kB`
			`$MaxImageHeight = 400; // pixels`
			`$TypeName = $Type === 'avatar' ? 'avatar' : 'second avatar';`
			`} elseif ($Type === 'donoricon') {`
			`$MaxFileSize = 64 * 1024; // 64 kB`
			`$MaxImageHeight = 100; // pixels`
			`$TypeName = 'donor icon';`
			`}`
10 changes from Fri Sep 9 18:31:41 2011 +0200 to Fri Sep 9 22:33:05 2011 +0200 Make sure Trim trailing spaces Fixes http://what.cd/forums.php?action=viewthread&threadid=101865&postid=3478072#post3478072 Trimmed trailing whitespace Treats IP search as if they begin with a \| Sorts the Assign To box in staff pms alphabetically. Enable any/all option for tags in request filter Minor tweaks Show all used filters in the sphinx debug table Better detection of jpeg in image.php 2011-09-10 08:00:10 +00:00
Empty commit 2013-10-23 08:01:03 +00:00			`$Height = image_height($FileType, $Data);`
			`if (strlen($Data) > $MaxFileSize \|\| $Height > $MaxImageHeight) {`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`// Sometimes the cached image we have isn't the actual image`
Empty commit 2013-05-04 08:00:48 +00:00			`if ($Cached) {`
Empty commit 2013-10-22 08:01:07 +00:00			`$Data2 = @file_get_contents($URL, 0, stream_context_create(array('http' => array('timeout' => 15))));`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`} else {`
			`$Data2 = $Data;`
			`}`
Empty commit 2013-10-23 08:01:03 +00:00
			`if (strlen($Data2) > $MaxFileSize \|\| image_height($FileType, $Data2) > $MaxImageHeight) {`
Empty commit 2013-05-27 08:00:58 +00:00			`require_once(SERVER_ROOT.'/classes/mysql.class.php');`
Empty commit 2013-10-23 08:01:03 +00:00			`require_once(SERVER_ROOT.'/classes/time.class.php');`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`$DBURL = db_string($URL);`
Empty commit 2013-10-23 08:01:03 +00:00			`$AdminComment = ucfirst($TypeName)." reset automatically (Size: ".number_format((strlen($Data)) / 1024)." kB, Height: ".$Height."px). Used to be $DBURL";`
			`$PrivMessage = SITE_NAME." has the following requirements for {$TypeName}s:\n\n".`
			`"[b]".ucfirst($TypeName)."s must not exceed ".($MaxFileSize / 1024)." kB or be vertically longer than {$MaxImageHeight}px.[/b]\n\n".`
			`"Your $TypeName at $DBURL has been found to exceed these rules. As such, it has been automatically reset. You are welcome to reinstate your $TypeName once it has been resized down to an acceptable size.";`
			`reset_image($UserID, $Type, $AdminComment, $PrivMessage);`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`
			`}`
			`}`

Empty commit 2013-10-23 08:01:03 +00:00			`if (!isset($FileType)) {`
Empty commit 2013-07-04 08:00:56 +00:00			`img_error('timeout');`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`}`
Empty commit 2014-04-25 08:00:52 +00:00
			`header("Content-type: image/$FileType");`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`echo $Data;`