diff options
| author | Derky <derky@phpbb.com> | 2018-10-23 23:51:55 +0200 |
|---|---|---|
| committer | Derky <derky@phpbb.com> | 2018-10-23 23:57:24 +0200 |
| commit | d753351edc04a45c61411ee09607fb932d314617 (patch) | |
| tree | 786d721e1cfac4866705114494982a2e45bcd467 /phpBB/includes/functions_posting.php | |
| parent | ae6c3b0d34c662f107fb7cb8d9e26e5bd252a3b3 (diff) | |
| download | forums-d753351edc04a45c61411ee09607fb932d314617.tar forums-d753351edc04a45c61411ee09607fb932d314617.tar.gz forums-d753351edc04a45c61411ee09607fb932d314617.tar.bz2 forums-d753351edc04a45c61411ee09607fb932d314617.tar.xz forums-d753351edc04a45c61411ee09607fb932d314617.zip | |
[ticket/security/227] Replace ImageMagick support with thumbnail event
SECURITY-227
Diffstat (limited to 'phpBB/includes/functions_posting.php')
| -rw-r--r-- | phpBB/includes/functions_posting.php | 42 |
1 files changed, 24 insertions, 18 deletions
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 1e8f1ad00d..2d713481a5 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -519,7 +519,7 @@ function get_supported_image_types($type = false) */ function create_thumbnail($source, $destination, $mimetype) { - global $config, $phpbb_filesystem; + global $config, $phpbb_filesystem, $phpbb_dispatcher; $min_filesize = (int) $config['img_min_thumb_filesize']; $img_filesize = (file_exists($source)) ? @filesize($source) : false; @@ -551,25 +551,31 @@ function create_thumbnail($source, $destination, $mimetype) return false; } - $used_imagick = false; + $thumbnail_created = false; - // Only use ImageMagick if defined and the passthru function not disabled - if ($config['img_imagick'] && function_exists('passthru')) - { - if (substr($config['img_imagick'], -1) !== '/') - { - $config['img_imagick'] .= '/'; - } - - @passthru(escapeshellcmd($config['img_imagick']) . 'convert' . ((defined('PHP_OS') && preg_match('#^win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -geometry ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" "' . str_replace('\\', '/', $destination) . '"'); - - if (file_exists($destination)) - { - $used_imagick = true; - } - } + /** + * Create thumbnail event to replace GD thumbnail creation with for example ImageMagick + * + * @event core.thumbnail_create_before + * @var string source Image source path + * @var string destination Thumbnail destination path + * @var string mimetype Image mime type + * @var float new_width Calculated thumbnail width + * @var float new_height Calculated thumbnail height + * @var bool thumbnail_created Set to true to skip default GD thumbnail creation + * @since 3.2.4-RC1 + */ + $vars = array( + 'source', + 'destination', + 'mimetype', + 'new_width', + 'new_height', + 'thumbnail_created', + ); + extract($phpbb_dispatcher->trigger_event('core.thumbnail_create_before', compact($vars))); - if (!$used_imagick) + if (!$thumbnail_created) { $type = get_supported_image_types($type); |