2011-03-28 14:21:28 +00:00
|
|
|
<?
|
|
|
|
// Main image proxy page
|
|
|
|
// The image proxy does not use script_start.php, its code instead resides entirely in image.php in the document root
|
|
|
|
// Bear this in mind when you try to use script_start functions.
|
|
|
|
|
2013-05-04 08:00:48 +00:00
|
|
|
if (!check_perms('site_proxy_images')) {
|
|
|
|
error('forbidden');
|
|
|
|
}
|
2011-08-27 08:00:05 +00:00
|
|
|
$URL = isset($_GET['i']) ? htmlspecialchars_decode($_GET['i']) : null;
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-05-04 08:00:48 +00:00
|
|
|
if (!extension_loaded('openssl') && strtoupper($URL[4]) == 'S') {
|
|
|
|
error('badprotocol');
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-05-04 08:00:48 +00:00
|
|
|
if (!preg_match('/^'.IMAGE_REGEX.'/is',$URL,$Matches)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error('invalid');
|
|
|
|
}
|
|
|
|
|
2013-05-04 08:00:48 +00:00
|
|
|
if (isset($_GET['c'])) {
|
2011-03-28 14:21:28 +00:00
|
|
|
list($Data,$Type) = $Cache->get_value('image_cache_'.md5($URL));
|
|
|
|
$Cached = true;
|
|
|
|
}
|
2013-05-04 08:00:48 +00:00
|
|
|
if (!isset($Data) || !$Data) {
|
2011-03-28 14:21:28 +00:00
|
|
|
$Cached = false;
|
|
|
|
$Data = @file_get_contents($URL,0,stream_context_create(array('http'=>array('timeout'=>15))));
|
2013-05-04 08:00:48 +00:00
|
|
|
if (!$Data || empty($Data)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error('timeout');
|
|
|
|
}
|
2011-09-10 08:00:10 +00:00
|
|
|
$Type = image_type($Data);
|
2013-05-04 08:00:48 +00:00
|
|
|
if ($Type && function_exists('imagecreatefrom'.$Type)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
$Image = imagecreatefromstring($Data);
|
2013-05-04 08:00:48 +00:00
|
|
|
if (invisible($Image)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error('invisible');
|
|
|
|
}
|
2013-05-04 08:00:48 +00:00
|
|
|
if (verysmall($Image)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error('small');
|
|
|
|
}
|
|
|
|
}
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2013-04-19 08:00:55 +00:00
|
|
|
if (isset($_GET['c']) && strlen($Data) < 262144) {
|
|
|
|
$Cache->cache_value('image_cache_'.md5($URL), array($Data,$Type), 3600 * 24 * 7);
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Enforce avatar rules
|
2013-05-04 08:00:48 +00:00
|
|
|
if (isset($_GET['avatar'])) {
|
|
|
|
if (!is_number($_GET['avatar'])) {
|
|
|
|
die();
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
$UserID = $_GET['avatar'];
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
$Height = image_height($Type, $Data);
|
2013-05-04 08:00:48 +00:00
|
|
|
if (strlen($Data) > 256 * 1024 || $Height > 400) {
|
2011-03-28 14:21:28 +00:00
|
|
|
// Sometimes the cached image we have isn't the actual image
|
2013-05-04 08:00:48 +00:00
|
|
|
if ($Cached) {
|
2011-03-28 14:21:28 +00:00
|
|
|
$Data2 = @file_get_contents($URL,0,stream_context_create(array('http'=>array('timeout'=>15))));
|
|
|
|
} else {
|
|
|
|
$Data2 = $Data;
|
|
|
|
}
|
2013-05-04 08:00:48 +00:00
|
|
|
if (strlen($Data2) > 256 * 1024 || image_height($Type, $Data2) > 400) {
|
2011-03-28 14:21:28 +00:00
|
|
|
require_once(SERVER_ROOT.'/classes/class_mysql.php');
|
|
|
|
require_once(SERVER_ROOT.'/classes/class_time.php'); //Require the time class
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
$DB = new DB_MYSQL;
|
|
|
|
$DBURL = db_string($URL);
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
// Reset avatar, add mod note
|
|
|
|
$UserInfo = $Cache->get_value('user_info_'.$UserID);
|
|
|
|
$UserInfo['Avatar'] = '';
|
|
|
|
$Cache->cache_value('user_info_'.$UserID, $UserInfo, 2592000);
|
|
|
|
|
2013-05-04 08:00:48 +00:00
|
|
|
$DB->query("
|
|
|
|
UPDATE users_info
|
|
|
|
SET Avatar='', AdminComment=CONCAT('".sqltime()." - Avatar reset automatically (Size: ".number_format((strlen($Data)) / 1024)." kB, Height: ".$Height."px). Used to be $DBURL\n\n', AdminComment)
|
|
|
|
WHERE UserID='$UserID'");
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
// Send PM
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2012-10-15 08:00:19 +00:00
|
|
|
send_pm($UserID,0,"Your avatar has been automatically reset","The following avatar rules have been in effect for months now:
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-04-19 08:00:55 +00:00
|
|
|
[b]Avatars must not exceed 256 kB or be vertically longer than 400px. [/b]
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
Your avatar at $DBURL has been found to exceed these rules. As such, it has been automatically reset. You are welcome to reinstate your avatar once it has been resized down to an acceptable size.");
|
2011-09-10 08:00:10 +00:00
|
|
|
|
2013-05-16 16:15:57 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2013-05-04 08:00:48 +00:00
|
|
|
TODO: solve this properly for photoshop output images which prepend shit to the image file. skip it or strip it
|
2011-03-28 14:21:28 +00:00
|
|
|
if (!isset($Type)) {
|
|
|
|
error('timeout');
|
|
|
|
}
|
|
|
|
*/
|
2013-05-04 08:00:48 +00:00
|
|
|
if (isset($Type)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
header('Content-type: image/'.$Type);
|
|
|
|
}
|
|
|
|
echo $Data;
|
|
|
|
?>
|