diff --git a/inc/image.php b/inc/image.php
index 63d6f9b5..9275bd9c 100644
--- a/inc/image.php
+++ b/inc/image.php
@@ -216,8 +216,7 @@
  public function init() {
  global $config;
- $this->temp = tempnam($config['tmp'], 'imagick');
-
+ $this->temp = false;
  }
  public function from() {
  $size = trim(shell_exec('identify -format "%w %h" ' . escapeshellarg($this->src . '[0]')));
@@ -232,8 +231,13 @@
  }
  }
  public function to($src) {
- rename($this->temp, $src);
- chmod($src, 0664);
+ if(!$this->temp) {
+ // $config['redraw_image']
+ shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src));
+ } else {
+ rename($this->temp, $src);
+ chmod($src, 0664);
+ }
  }
  public function width() {
  return $this->width;
@@ -243,10 +247,18 @@
  }
  public function destroy() {
  @unlink($this->temp);
+ $this->temp = false;
  }
  public function resize() {
  global $config;
+ if($this->temp) {
+ // remove old
+ $this->destroy();
+ }
+
+ $this->temp = tempnam($config['tmp'], 'imagick');
+
  $quality = $config['thumb_quality'] * 10;
  if(shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp))
diff --git a/post.php b/post.php
index 606a64ea..3b309085 100644
--- a/post.php
+++ b/post.php
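Review bot: In to(), the new `!$this->temp` branch never confirms that `convert` wrote `$src`, and it omits the `chmod($src, 0664)` that the rename branch keeps. shell_exec() returns the command's output, not its exit status, so a failed re-encode returns silently and the caller proceeds as though the file was stored. Add a result check after the call, for example `if(!file_exists($src))` routed to the same failure path resize() uses, followed by `chmod($src, 0664);` so both branches leave the same mode. escapeshellarg() protects only the shell: ImageMagick still chooses its decoder from the input's content, so restricting coders (an explicit coder prefix from an allow-listed extension, or the ImageMagick policy file) is worth doing for this call on untrusted uploads.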
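Review bot: In resize(), tempnam() creates the file it names, so the existing `!file_exists($this->temp)` test in the `if` at the end of this hunk cannot detect a `convert` run that wrote nothing; an empty temp file could later be renamed into place by to(). Checking for content as well, `|| !file_exists($this->temp) || filesize($this->temp) == 0`, closes that gap. The return value of tempnam() is also used unchecked, and a short comment on the property stating that `false` means "no resized output; to() re-encodes from the source" would make the new sentinel explicit. The body of that `if` lies outside the hunk.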
@@ -455,15 +455,18 @@
  // Truncate filename if it is too long
  $post['filename'] = substr($post['filename'], 0, $config['max_filename_len']);
- // Move the uploaded file
- if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']);
- $post['filehash'] = $config['file_hash']($post['file']);
- $post['filesize'] = filesize($post['file']);
+ $upload = $_FILES['file']['tmp_name'];
+
+ if(!is_readable($upload))
+ error($config['error']['nomove']);
+
+ $post['filehash'] = $config['file_hash']($upload);
+ $post['filesize'] = filesize($upload);
  if($is_an_image) {
  // Check IE MIME type detection XSS exploit
- $buffer = file_get_contents($post['file'], null, null, null, 255);
+ $buffer = file_get_contents($upload, null, null, null, 255);
  if(preg_match($config['ie_mime_type_detection'], $buffer)) {
  undoImage($post);
  error($config['error']['mime_exploit']);
@@ -482,9 +485,9 @@
  // PHP's memory limit.
  // first try GD's getimagesize()
- if($size = @getimagesize($post['file'])) {
+ if($size = @getimagesize($upload)) {
  if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
- file_unlink($post['file']);
+
  error($config['error']['maxsize']);
  }
  } else {
@@ -493,18 +496,16 @@
  }
  } else {
  // find dimensions of an image using GD
- if(!$size = @getimagesize($post['file'])) {
- file_unlink($post['file']);
+ if(!$size = @getimagesize($upload)) {
  error($config['error']['invalidimg']);
  }
  if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
- file_unlink($post['file']);
  error($config['error']['maxsize']);
  }
  }
  // create image object
- $image = new Image($post['file'], $post['extension']);
+ $image = new Image($upload, $post['extension']);
  if($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) {
  $image->delete();
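Review bot: `is_readable($upload)` is now the only gate on `$_FILES['file']['tmp_name']` before the file is hashed, sized and parsed, and it does not establish that the path is an HTTP upload. move_uploaded_file() used to perform that check implicitly at this point; after this commit it runs only in the non-redraw branch near the end of the file, so with `$config['redraw_image']` set it never runs. Tighten the guard to `if(!is_uploaded_file($upload) || !is_readable($upload))`, and consider rejecting `$_FILES['file']['error'] !== UPLOAD_ERR_OK` in the same place.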
@@ -526,7 +527,7 @@
  $post['extension'] == ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension'])) {
  // Copy, because there's nothing to resize
- copy($post['file'], $post['thumb']);
+ copy($upload, $post['thumb']);
  $post['thumbwidth'] = $image->size->width;
  $post['thumbheight'] = $image->size->height;
@@ -547,6 +548,9 @@
  if($config['redraw_image']) {
  $image->to($post['file']);
+ } else {
+ if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file']))
+ error($config['error']['nomove']);
  }
  $image->destroy();
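Review bot: `copy($upload, $post['thumb'])` publishes the client's bytes unchanged as the thumbnail, even when `$config['redraw_image']` is set and the full image is re-encoded a few lines later. If redrawing is meant to drop embedded metadata or appended data (an inference from the option name), this branch bypasses it for every image that needs no resizing. One option in that configuration is to run `$image->to($post['file'])` first and then `copy($post['file'], $post['thumb'])`. The return value of copy() is ignored as well, and the enclosing `if` starts above the hunk.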
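Review bot: The new else-branch calls `error($config['error']['nomove'])` after the thumbnail has already been written, without the cleanup the MIME check earlier in this file performs (`undoImage($post);` before `error()`) and without `$image->destroy()`. Assuming undoImage() is what removes partially stored files, a failed move leaves an orphaned thumbnail and, after a resize, a stray temp file. Suggested form: `if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) { $image->destroy(); undoImage($post); error($config['error']['nomove']); }`. The redraw branch has the mirror gap, since `$image->to($post['file'])` reports nothing back and a failed convert goes unnoticed here.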