
Untitled

a guest
Aug 2nd, 2011
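--- timthumb.php    2011-08-02 08:15:25.000000000 -0700
+++ timthumb.new.php    2011-08-02 11:35:23.000000000 -0700
@@ -611,6 +611,17 @@
    return preg_match ($pattern, $url);
 }
 
+/**
+ *
+ * @param string $file path to file to be unlinked
+ */
+function timthumb_shutdown_unlink( $file ) {
+   if ( !file_exists( $file ) )
+       return;
+   if ( !is_writable( $file ) )
+       return;
+   @unlink( $file );
+}
 
 /**
  *
@@ -624,6 +635,11 @@
 
    // work out file details
    $filename = 'external_' . md5 ($src);
+   // create a temporary file outside the webroot which will be safer to work with on properly configured servers
+   $temp_path = tempnam( sys_get_temp_dir(), 'timthumb-' );
+   // and make sure we clean up our temporary file on shutdown
+   register_shutdown_function( 'timthumb_shutdown_unlink', $temp_path );
+   // define where, if all goes well, the file should end up after security checks
    $local_filepath = DIRECTORY_CACHE . '/' . $filename;
    
    // only do this stuff the file doesn't already exist
@@ -671,7 +687,7 @@
 
                    global $fh;
 
-                   $fh = fopen ($local_filepath, 'w');
+                   $fh = fopen ($temp_path, 'w');
                    $ch = curl_init ($src);
 
                    curl_setopt ($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT);
@@ -684,25 +700,21 @@
                    curl_setopt ($ch, CURLOPT_WRITEFUNCTION, 'curl_write');
 
                    // error so die
-                   if (curl_exec ($ch) === FALSE) {
-                       unlink ($local_filepath);
-                       touch ($local_filepath);
+                   if (curl_exec ($ch) === FALSE)
                        display_error ('error reading file ' . $src . ' from remote host: ' . curl_error ($ch));
-                   }
 
                    curl_close ($ch);
                    fclose ($fh);
                    
                    // check it's actually an image
-                   $file_infos = getimagesize ($local_filepath);
+                   $file_infos = getimagesize ($temp_path);
 
                    // no mime type or invalid mime type
-                   if (empty ($file_infos['mime']) || !preg_match ("/jpg|jpeg|gif|png/i", $file_infos['mime'])) {
-                       unlink ($local_filepath);
-                       touch ($local_filepath);
+                   if (empty ($file_infos['mime']) || !preg_match ("/jpg|jpeg|gif|png/i", $file_infos['mime']))
                        display_error ('remote file not a valid image');
-                   }                  
 
+                   // move the temporary file to where we expect it to be
+                   copy( $temp_path, $local_filepath );
                 } else {
 
                    if (!$img = file_get_contents ($src)) {
@@ -861,4 +873,4 @@
    echo '<br />TimThumb version : ' . VERSION . '</pre>';
     die ();
 
-}
\ No newline at end of file
+}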
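Review bot: The return value of `copy( $temp_path, $local_filepath )` at the end of the fourth hunk is discarded, so a failed copy (cache directory not writable, disk full) leaves nothing at `$local_filepath` while the code after the hunk, which is outside this view, presumably goes on to serve from that path. Check it and route the failure through the existing error path, e.g. `if ( !copy( $temp_path, $local_filepath ) ) display_error( 'could not write cached file' );` (constructed message). The same applies to `tempnam()` in the second hunk, which returns false when no writable temp directory is available; that false then reaches `fopen` and `register_shutdown_function` unchecked, so add `if ( $temp_path === false ) display_error( 'could not create temporary file' );` right after it. Note also that the temporary file is created and registered for cleanup before the "only do this stuff the file doesn't already exist" check, so every request pays for a tempnam() even when the cache hit makes it unnecessary; moving the two new lines inside that branch would avoid it. The enclosing function starts and ends outside the hunks.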