<?php
/**
* Munee: Optimising Your Assets
*
* @copyright Cody Lundquist 2012
* @license http://opensource.org/licenses/mit-license.php
*/
namespace Munee\Asset\Type;
use Munee\ErrorException;
use Munee\Asset\Type;
use Munee\Utils;
/**
* Handles Images
*
* @author Cody Lundquist
*/
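class Image extends Type
{
    /**
     * Default options for image assets.
     *
     * @var array
     */
    protected $_options = array(
        // How many filters can be done within the `allowedFiltersTimeLimit`
        'numberOfAllowedFilters' => 3,
        // Number of seconds - default is 5 minutes
        'allowedFiltersTimeLimit' => 300,
        // Should the referrer be checked for security
        'checkReferrer' => true,
        // false, or an array of path pattern => placeholder (local path or http(s) URL)
        'placeholders' => false
    );

    /**
     * Placeholder file resolved for the current request, or false when none applies.
     *
     * @var bool|string
     */
    protected $_placeholder = false;

    /**
     * Checks to see if cache exists and is the latest, if it does, return it
     *
     * Extra security checks for images: when the parent reports no usable cache,
     * the referrer check (if enabled) and the per-image filter throttle run
     * before a new manipulation is allowed.
     *
     * @param string $originalFile
     * @param string $cacheFile
     *
     * @return bool|string
     *
     * @throws ErrorException
     */
    protected function _checkCache($originalFile, $cacheFile)
    {
        $return = parent::_checkCache($originalFile, $cacheFile);
        if ($return) {
            return $return;
        }

        /**
         * If using the placeholder when the original file doesn't exist
         * and it has already been cached, return the cached contents.
         * Also make sure the placeholder hasn't been modified since being cached.
         */
        $this->_placeholder = $this->_parsePlaceholders($originalFile);
        if (
            ! file_exists($originalFile) &&
            $this->_placeholder &&
            file_exists($this->_placeholder) &&
            file_exists($cacheFile) &&
            filemtime($cacheFile) > filemtime($this->_placeholder)
        ) {
            return file_get_contents($cacheFile);
        }

        // Both checks throw ErrorException on failure, which stops the request
        // before any new cache file is generated.
        if ($this->_options['checkReferrer']) {
            $this->_checkReferrer();
        }
        $this->_checkNumberOfAllowedFilters($cacheFile);

        return $return;
    }

    /**
     * Overwrite the _setupFile function so placeholder images can be shown instead of broken images
     *
     * @param string $originalFile
     * @param string $cacheFile
     */
    protected function _setupFile($originalFile, $cacheFile)
    {
        // If we are using a placeholder and that exists, use it!
        if (! file_exists($originalFile) && $this->_placeholder && file_exists($this->_placeholder)) {
            $originalFile = $this->_placeholder;
        }

        parent::_setupFile($originalFile, $cacheFile);
    }

    /**
     * Set additional headers just for an Image
     *
     * Extensions other than jpg/jpeg, png and gif send no Content-Type header here.
     */
    public function getHeaders()
    {
        switch ($this->_request->ext) {
            case 'jpg':
            case 'jpeg':
                // image/jpeg is the registered media type; "image/jpg" is not.
                header("Content-Type: image/jpeg");
                break;
            case 'png':
                header("Content-Type: image/png");
                break;
            case 'gif':
                header("Content-Type: image/gif");
                break;
        }
    }

    /**
     * Check to make sure the referrer domain is the same as the domain where the image exists.
     *
     * The host part of the Referer header must equal SERVER_NAME (case-insensitive).
     * An exact host comparison is used instead of a prefix pattern, so a longer host
     * that merely begins with the server name is rejected, and the server name is
     * never interpreted as a regular expression.
     *
     * The Referer header is supplied by the client, so this check only deters
     * hot-linking from other sites; it is not an authentication control.
     * NOTE(review): depending on web-server configuration SERVER_NAME may itself be
     * derived from the request's Host header - confirm a canonical name is configured.
     *
     * @throws ErrorException
     */
    protected function _checkReferrer()
    {
        if (! isset($_SERVER['HTTP_REFERER'])) {
            throw new ErrorException('Direct image manipulation is not allowed.');
        }

        $referrerHost = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
        $serverName = isset($_SERVER['SERVER_NAME']) ? (string) $_SERVER['SERVER_NAME'] : '';

        // parse_url() yields null/false when the header has no parsable host.
        if (
            ! is_string($referrerHost) ||
            '' === $serverName ||
            0 !== strcasecmp($referrerHost, $serverName)
        ) {
            throw new ErrorException('Referrer does not match the correct domain.');
        }
    }

    /**
     * Check number of allowed resizes within a set time limit
     *
     * Counts the cache files that share the hash prefix of $checkImage (the part of
     * the file name before the first "-") and were modified within
     * `allowedFiltersTimeLimit` seconds. Reaching `numberOfAllowedFilters` rejects
     * the request, which bounds how many manipulated variants of one image can be
     * generated in that window.
     *
     * @param string $checkImage
     *
     * @throws ErrorException
     */
    protected function _checkNumberOfAllowedFilters($checkImage)
    {
        $pathInfo = pathinfo($checkImage);
        $fileNameHash = preg_replace('%-.*$%', '', $pathInfo['filename']);
        // Grab all the similar files
        $cachedImages = glob($pathInfo['dirname'] . DS . $fileNameHash . '*');
        if (false === $cachedImages) {
            // glob() returns false on error; treat that as "no cached variants"
            // instead of iterating over a non-array.
            $cachedImages = array();
        }

        // Count only the ones that are still inside the time limit
        $oldestAllowed = time() - $this->_options['allowedFiltersTimeLimit'];
        $recentCount = 0;
        foreach ($cachedImages as $image) {
            if (filemtime($image) >= $oldestAllowed) {
                $recentCount++;
            }
        }

        // Check and see if we've reached the maximum allowed resizes within the current time limit.
        if ($recentCount >= $this->_options['numberOfAllowedFilters']) {
            throw new ErrorException('You cannot create anymore resizes/manipulations at this time.');
        }
    }

    /**
     * Resolve the placeholder configured for a file, if any.
     *
     * Each key of the `placeholders` option is turned into a pattern ("*" becomes
     * ".*?", anchored at the end of $file); the first matching entry wins. A value
     * starting with "http" is downloaded and cached locally, any other value is
     * returned as given.
     *
     * @param string $file
     *
     * @return boolean|string Placeholder file path, or false when nothing matches
     *
     * @throws ErrorException
     */
    protected function _parsePlaceholders($file)
    {
        if (empty($this->_options['placeholders'])) {
            return false;
        }
        if (! is_array($this->_options['placeholders'])) {
            throw new ErrorException('Placeholders option must be an array.');
        }

        foreach ($this->_options['placeholders'] as $path => $placeholder) {
            // Setup path for regex
            // NOTE(review): the key is not passed through preg_quote(), so other regex
            // metacharacters in it stay active and a "%" in it breaks the delimiter.
            // Left as-is in case configurations rely on it - confirm before tightening.
            $regex = str_replace('*', '.*?', $path) . '$';
            if (preg_match("%{$regex}%", $file)) {
                if ('http' === substr($placeholder, 0, 4)) {
                    return $this->_getImageByUrl($placeholder);
                }

                return $placeholder;
            }
        }

        return false;
    }

    /**
     * Grabs an image by URL from another server
     *
     * The download is stored under MUNEE_CACHE/placeholders and reused on later
     * calls. A failed download raises an exception instead of being written to the
     * cache, so an unreachable placeholder host cannot leave an empty file that is
     * then served as the cached placeholder.
     *
     * NOTE(review): within this class the URL only comes from the `placeholders`
     * option; confirm that option can never be influenced by the request, since the
     * URL is fetched server-side.
     *
     * @param string $url
     *
     * @return string Path of the locally cached copy
     *
     * @throws ErrorException
     */
    protected function _getImageByUrl($url)
    {
        $cacheFolder = MUNEE_CACHE . DS . 'placeholders';
        Utils::createDir($cacheFolder);

        $requestOptions = serialize($this->_request->options);
        // NOTE(review): array_shift() also removes the first entry from the request's
        // file list - kept as in the original; confirm this side effect is intended.
        $originalFile = array_shift($this->_request->files);
        $fileName = $cacheFolder . DS . md5($url) . '-' . md5($requestOptions . $originalFile);

        if (! file_exists($fileName)) {
            $contents = file_get_contents($url);
            if (false === $contents) {
                throw new ErrorException('Placeholder image could not be downloaded.');
            }
            if (false === file_put_contents($fileName, $contents)) {
                throw new ErrorException('Placeholder image could not be cached.');
            }
        }

        return $fileName;
    }
}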