aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-09-26 13:25:34 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-09-26 13:25:34 -0700
commit9ab335626cdaad433c8f5b6d7fd4d980c1b37742 (patch)
tree7cf15fb099740a61b60b1ebaeb8e1c220c889c81 /include
parent9bde18492a66c6657556307d22e88762df938f94 (diff)
downloadvolse-hubzilla-9ab335626cdaad433c8f5b6d7fd4d980c1b37742.tar.gz
volse-hubzilla-9ab335626cdaad433c8f5b6d7fd4d980c1b37742.tar.bz2
volse-hubzilla-9ab335626cdaad433c8f5b6d7fd4d980c1b37742.zip
import_xchan_photo: check the return headers to ensure it's an image content-type of some form as imagick chucks a wobbly if you try to initialise an image with an html error page.
Diffstat (limited to 'include')
-rw-r--r--include/photo/photo_driver.php108
-rw-r--r--include/zot.php2
2 files changed, 64 insertions, 46 deletions
diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php
index 2a7d1ae01..32b9bd302 100644
--- a/include/photo/photo_driver.php
+++ b/include/photo/photo_driver.php
@@ -591,67 +591,85 @@ function import_xchan_photo($photo,$xchan,$thing = false) {
if(! $type)
$type = 'image/jpeg';
+
$result = z_fetch_url($photo,true);
- if($result['success'])
+ if($result['success']) {
$img_str = $result['body'];
- }
-
- $img = photo_factory($img_str, $type);
- if($img->is_valid()) {
- $width = $img->getWidth();
- $height = $img->getHeight();
-
- if($width && $height) {
- if(($width / $height) > 1.2) {
- // crop out the sides
- $margin = $width - $height;
- $img->cropImage(300,($margin / 2),0,$height,$height);
- }
- elseif(($height / $width) > 1.2) {
- // crop out the bottom
- $margin = $height - $width;
- $img->cropImage(300,0,0,$width,$width);
+ $h = explode("\n",$result['header']);
+ if($h) {
+ foreach($h as $hl) {
+ if(stristr($hl,'content-type:')) {
+ if(! stristr($hl,'image/')) {
+ $photo_failure = true;
+ }
+ }
+ }
}
- else {
- $img->scaleImageSquare(300);
- }
-
}
- else
- $photo_failure = true;
+ }
+ else {
+ $photo_failure = true;
+ }
- $p = array('xchan' => $xchan,'resource_id' => $hash, 'filename' => basename($photo), 'album' => $album, 'photo_usage' => $flags, 'scale' => 4);
+ if(! $photo_failure) {
+ $img = photo_factory($img_str, $type);
+ if($img->is_valid()) {
+ $width = $img->getWidth();
+ $height = $img->getHeight();
+
+ if($width && $height) {
+ if(($width / $height) > 1.2) {
+ // crop out the sides
+ $margin = $width - $height;
+ $img->cropImage(300,($margin / 2),0,$height,$height);
+ }
+ elseif(($height / $width) > 1.2) {
+ // crop out the bottom
+ $margin = $height - $width;
+ $img->cropImage(300,0,0,$width,$width);
- $r = $img->save($p);
+ }
+ else {
+ $img->scaleImageSquare(300);
+ }
- if($r === false)
- $photo_failure = true;
+ }
+ else
+ $photo_failure = true;
- $img->scaleImage(80);
- $p['scale'] = 5;
+ $p = array('xchan' => $xchan,'resource_id' => $hash, 'filename' => basename($photo), 'album' => $album, 'photo_usage' => $flags, 'scale' => 4);
- $r = $img->save($p);
+ $r = $img->save($p);
- if($r === false)
- $photo_failure = true;
+ if($r === false)
+ $photo_failure = true;
- $img->scaleImage(48);
- $p['scale'] = 6;
+ $img->scaleImage(80);
+ $p['scale'] = 5;
+
+ $r = $img->save($p);
- $r = $img->save($p);
+ if($r === false)
+ $photo_failure = true;
+
+ $img->scaleImage(48);
+ $p['scale'] = 6;
+
+ $r = $img->save($p);
- if($r === false)
- $photo_failure = true;
+ if($r === false)
+ $photo_failure = true;
- $photo = $a->get_baseurl() . '/photo/' . $hash . '-4';
- $thumb = $a->get_baseurl() . '/photo/' . $hash . '-5';
- $micro = $a->get_baseurl() . '/photo/' . $hash . '-6';
- }
- else {
- logger('import_xchan_photo: invalid image from ' . $photo);
- $photo_failure = true;
+ $photo = $a->get_baseurl() . '/photo/' . $hash . '-4';
+ $thumb = $a->get_baseurl() . '/photo/' . $hash . '-5';
+ $micro = $a->get_baseurl() . '/photo/' . $hash . '-6';
+ }
+ else {
+ logger('import_xchan_photo: invalid image from ' . $photo);
+ $photo_failure = true;
+ }
}
if($photo_failure) {
$photo = $a->get_baseurl() . '/' . get_default_profile_photo();
diff --git a/include/zot.php b/include/zot.php
index 9bddb520d..ee3f603cd 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -2866,7 +2866,7 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
// don't pass these elements, they should not be synchronised
- $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey','channel_address');
+ $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey','channel_address','channel_deleted','channel_removed','channel_system');
if(in_array($k,$disallowed))
continue;