"TYPO3 4.0.1: typo3_src-4.0.1/typo3/sysext/cms/tslib/showpic.php Source File", "datetime" => "Sat Dec 2 19:22:30 2006", "date" => "2 Dec 2006", "doxygenversion" => "1.4.6", "projectname" => "TYPO3 4.0.1", "projectnumber" => "4.0.1" ); get_header($doxygen_vars); ?>

showpic.php

00001 <?php
00002 /***************************************************************
00003 *  Copyright notice
00004 *
00005 *  (c) 1999-2005 Kasper Skaarhoj (kasperYYYY@typo3.com)
00006 *  All rights reserved
00007 *
00008 *  This script is part of the TYPO3 project. The TYPO3 project is
00009 *  free software; you can redistribute it and/or modify
00010 *  it under the terms of the GNU General Public License as published by
00011 *  the Free Software Foundation; either version 2 of the License, or
00012 *  (at your option) any later version.
00013 *
00014 *  The GNU General Public License can be found at
00015 *  http://www.gnu.org/copyleft/gpl.html.
00016 *  A copy is found in the textfile GPL.txt and important notices to the license
00017 *  from the author is found in LICENSE.txt distributed with these scripts.
00018 *
00019 *
00020 *  This script is distributed in the hope that it will be useful,
00021 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00022 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00023 *  GNU General Public License for more details.
00024 *
00025 *  This copyright notice MUST APPEAR in all copies of the script!
00026 ***************************************************************/
00054 // *******************************
00055 // Set error reporting
00056 // *******************************
00057 error_reporting (E_ALL ^ E_NOTICE);
00058 
00059 
00060 // ***********************
00061 // Paths are setup
00062 // ***********************
00063 define('TYPO3_OS', stristr(PHP_OS,'win')&&!stristr(PHP_OS,'darwin')?'WIN':'');
00064 define('TYPO3_MODE','FE');
00065 if (!defined('PATH_thisScript'))        define('PATH_thisScript',str_replace('//','/', str_replace('\\','/', (php_sapi_name()=='cgi'||php_sapi_name()=='isapi' ||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED'])? ($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED']):($_SERVER['ORIG_SCRIPT_FILENAME']?$_SERVER['ORIG_SCRIPT_FILENAME']:$_SERVER['SCRIPT_FILENAME']))));
00066 
00067 if (!defined('PATH_site'))                      define('PATH_site', dirname(PATH_thisScript).'/');
00068 if (!defined('PATH_t3lib'))             define('PATH_t3lib', PATH_site.'t3lib/');
00069 define('PATH_tslib', PATH_site.'tslib/');
00070 define('PATH_typo3conf', PATH_site.'typo3conf/');
00071 define('TYPO3_mainDir', 'typo3/');              // This is the directory of the backend administration for the sites of this TYPO3 installation.
00072 
00073 if (!@is_dir(PATH_typo3conf))   die('Cannot find configuration. This file is probably executed from the wrong location.');
00074 
00075 require_once(PATH_t3lib.'class.t3lib_div.php');
00076 require_once(PATH_t3lib.'class.t3lib_extmgm.php');
00077 
00078 // ******************
00079 // Including config
00080 // ******************
00081 require_once(PATH_t3lib.'config_default.php');
00082 if (!defined ('TYPO3_db'))      die ('The configuration file was not included.');
00083 
00084 require_once(PATH_t3lib.'class.t3lib_db.php');
00085 $TYPO3_DB = t3lib_div::makeInstance('t3lib_DB');
00086 
00087 
00088 
00089 
00090 
00091 
00092 
00093 
00094 # NOTICE: ALL LINES above can be commented out since this script is now used via the ?eID=tx_cms_showpic parameter passed to index.php!
00095 # For backwards compatibility in extensions using showpic.php directly this is kept for the version 4.0 until 4.5 where it is planned removed!
00096 
00097 if (!defined ('PATH_typo3conf'))        die ('The configuration path was not properly defined!');
00098 require_once(PATH_t3lib.'class.t3lib_stdgraphic.php');
00099 
00100 
00101 
00102 
00103 
00112 class SC_tslib_showpic {
00113         var $content;           // Page content accumulated here.
00114 
00115                 // Parameters loaded into these internal variables:
00116         var $file;
00117         var $width;
00118         var $height;
00119         var $sample;
00120         var $alternativeTempPath;
00121         var $effects;
00122         var $frame;
00123         var $bodyTag;
00124         var $title;
00125         var $wrap;
00126         var $md5;
00127 
00133         function init() {
00134                         // Loading internal vars with the GET/POST parameters from outside:
00135                 $this->file = t3lib_div::_GP('file');
00136                 $this->width = t3lib_div::_GP('width');
00137                 $this->height = t3lib_div::_GP('height');
00138                 $this->sample = t3lib_div::_GP('sample');
00139                 $this->alternativeTempPath = t3lib_div::_GP('alternativeTempPath');
00140                 $this->effects = t3lib_div::_GP('effects');
00141                 $this->frame = t3lib_div::_GP('frame');
00142                 $this->bodyTag = t3lib_div::_GP('bodyTag');
00143                 $this->title = t3lib_div::_GP('title');
00144                 $this->wrap = t3lib_div::_GP('wrap');
00145                 $this->md5 = t3lib_div::_GP('md5');
00146 
00147                 // ***********************
00148                 // Check parameters
00149                 // ***********************
00150                         // If no file-param is given, we must exit
00151                 if (!$this->file)       {
00152                         die('Parameter Error: No file given.');
00153                 }
00154 
00155                         // Chech md5-checksum: If this md5-value does not match the one submitted, then we fail... (this is a kind of security that somebody don't just hit the script with a lot of different parameters
00156                 $md5_value = md5(
00157                                 $this->file.'|'.
00158                                 $this->width.'|'.
00159                                 $this->height.'|'.
00160                                 $this->effects.'|'.
00161                                 $this->bodyTag.'|'.
00162                                 $this->title.'|'.
00163                                 $this->wrap.'|'.
00164                                 $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'].'|');
00165 
00166                 if ($md5_value!=$this->md5) {
00167                         die('Parameter Error: Wrong parameters sent.');
00168                 }
00169 
00170                 // ***********************
00171                 // Check the file. If must be in a directory beneath the dir of this script...
00172                 // $this->file remains unchanged, because of the code in stdgraphic, but we do check if the file exists within the current path
00173                 // ***********************
00174 
00175                 $test_file=PATH_site.$this->file;
00176                 if (!t3lib_div::validPathStr($test_file))       {
00177                         die('Parameter Error: No valid filepath');
00178                 }
00179                 if (!@is_file($test_file))      {
00180                         die('The given file was not found');
00181                 }
00182         }
00183 
00190         function main() {
00191 
00192                         // Creating stdGraphic object, initialize it and make image:
00193                 $img = t3lib_div::makeInstance('t3lib_stdGraphic');
00194                 $img->mayScaleUp = 0;
00195                 $img->init();
00196                 if ($this->sample)      {$img->scalecmd = '-sample';}
00197                 if ($this->alternativeTempPath && t3lib_div::inList($GLOBALS['TYPO3_CONF_VARS']['FE']['allowedTempPaths'],$this->alternativeTempPath))  {
00198                         $img->tempPath = $this->alternativeTempPath;
00199                 }
00200 
00201                 // Need to connect to database, because this is used (typo3temp_db_tracking, cached image dimensions).
00202                 $GLOBALS['TYPO3_DB']->sql_pconnect(TYPO3_db_host, TYPO3_db_username, TYPO3_db_password);
00203                 $GLOBALS['TYPO3_DB']->sql_select_db(TYPO3_db);
00204 
00205                 if (strstr($this->width.$this->height, 'm')) {$max='m';} else {$max='';}
00206 
00207                 $this->height = t3lib_div::intInRange($this->height,0);
00208                 $this->width = t3lib_div::intInRange($this->width,0);
00209                 if ($this->frame)       {$this->frame = intval($this->frame);}
00210                 $imgInfo = $img->imageMagickConvert($this->file,'web',$this->width.$max,$this->height,$img->IMparams($this->effects),$this->frame,'');
00211 
00212                         // Create HTML output:
00213                 $this->content='';
00214                 $this->content.='
00215 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
00216 
00217 <html>
00218 <head>
00219         <title>'.htmlspecialchars($this->title ? $this->title : "Image").'</title>
00220 </head>
00221                 '.($this->bodyTag ? $this->bodyTag : '<body>');
00222 
00223                 if (is_array($imgInfo)) {
00224                         $wrapParts = explode('|',$this->wrap);
00225                         $this->content.=trim($wrapParts[0]).$img->imgTag($imgInfo).trim($wrapParts[1]);
00226                 }
00227                 $this->content.='
00228                 </body>
00229                 </html>';
00230         }
00231 
00237         function printContent() {
00238                 echo $this->content;
00239         }
00240 }
00241 
00242 // Include extension?
00243 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['tslib/showpic.php'])       {
00244         include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['tslib/showpic.php']);
00245 }
00246 
00247 
00248 
00249 
00250 
00251 
00252 
00253 
00254 
00255 
00256 
00257 
00258 // Make instance:
00259 $SOBE = t3lib_div::makeInstance('SC_tslib_showpic');
00260 $SOBE->init();
00261 $SOBE->main();
00262 $SOBE->printContent();
00263 ?>