Digitalstack/ZnoteAAC
2
0
Fork 0
mirror of https://github.com/Znote/ZnoteAAC.git synced 2025-10-20 04:43:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

guilds.php cleanup

Browse Source
This commit is contained in:
Znote
2021-07-22 15:30:03 +02:00
parent 1701d48629
commit 2ec9cfbff4
4 changed files with 1008 additions and 1015 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
engine/function/general.php
View File

@@ -422,10 +422,8 @@ function output_errors($errors) {
return '<ul><li>'. implode('</li><li>', $errors) .'</li></ul>';
}
// Resize images
// Resize images and create image
function resize_imagex($file, $width, $height) {
list($w, $h) = getimagesize($file['tmp']);
$ratio = max($width/$w, $height/$h);
@@ -443,7 +441,8 @@ function resize_imagex($file, $width, $height) {
0, 0,
$x, 0,
$width, $height,
$w, $h);
$w, $h
);
imagegif($tmp, $path);
imagedestroy($image);
@@ -452,71 +451,43 @@ function resize_imagex($file, $width, $height) {
return true;
}
// Guild logo upload security
// Validate guild logo
function check_image($image) {
$image_data = array(
'new_name' => $_GET['name'].'.gif',
'name' => $image['name'],
'tmp' => $image['tmp_name'],
'error' => $image['error'],
'size' => $image['size'],
'type' => $image['type']
);
$image_data = array('new_name' => $_GET['name'].'.gif', 'name' => $image['name'], 'tmp' => $image['tmp_name'], 'error' => $image['error'], 'size' => $image['size'], 'type' => $image['type']);
// First security check, quite useless but still do its job
if ($image_data['type'] === 'image/gif') {
// Second security check, lets go
$check = getimagesize($image_data['tmp']);
if ($check) {
// Third
if ($check['mime'] === 'image/gif') {
$path_info = pathinfo($image_data['name']);
// Last one
if ($path_info['extension'] === 'gif') {
// Resize image
$img = resize_imagex($image_data, 100, 100);
if ($img) {
header('Location: guilds.php?name='. $_GET['name']);
exit();
}
} else {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$path_info['extension'].'].&name='. $_GET['name']);
exit();
}
} else {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$check['mime'].'].&name='. $_GET['name']);
exit();
}
} else {
header('Location: guilds.php?error=Uploaded image is invalid.&name='. $_GET['name']);
exit();
}
} else {
if ($image_data['type'] !== 'image/gif') {
header('Location: guilds.php?error=Only gif images are accepted, you uploaded:['.$image_data['type'].'].&name='. $_GET['name']);
exit();
}
}
// Check guild logo
function logo_exists($guild) {
$guild = sanitize($guild);
if (file_exists('engine/guildimg/'.$guild.'.gif')) {
$check = getimagesize($image_data['tmp']);
if (!$check) {
header('Location: guilds.php?error=Uploaded image is invalid.&name='. $_GET['name']);
exit();
}
echo'engine/guildimg/'.$guild.'.gif';
} else {
echo'engine/guildimg/default@logo.gif';
if ($check['mime'] !== 'image/gif') {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$check['mime'].'].&name='. $_GET['name']);
exit();
}
$path_info = pathinfo($image_data['name']);
if ($path_info['extension'] !== 'gif') {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$path_info['extension'].'].&name='. $_GET['name']);
exit();
}
// Resize image
if (resize_imagex($image_data, 100, 100)) {
header('Location: guilds.php?name='. $_GET['name']);
exit();
}
}