diff options
| author | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
| commit | 77266bc6a01668b2106b9974da02e2a7ceaf2fe6 (patch) | |
| tree | 955346c3278c03a2ff4174b9d078e9416a298ee9 /system/libraries/Image_lib.php | |
| parent | a9874a638970ef826f835718e58b197ff3672566 (diff) | |
| parent | 0b9540209499fbd0515e13fdc66e85dea4b6baad (diff) | |
Merge branch '3.1-stable' into develop
Conflicts resolved:
.travis.yml
system/core/CodeIgniter.php
system/database/drivers/oci8/oci8_forge.php
system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
system/helpers/path_helper.php
system/libraries/Email.php
user_guide_src/source/changelog.rst
user_guide_src/source/conf.py
user_guide_src/source/contributing/index.rst
user_guide_src/source/general/requirements.rst
user_guide_src/source/general/styleguide.rst
user_guide_src/source/installation/downloads.rst
user_guide_src/source/installation/upgrade_310.rst
user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/libraries/Image_lib.php')
| -rw-r--r-- | system/libraries/Image_lib.php | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index f594b7125..24fe8c68d 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -456,7 +456,7 @@ class CI_Image_lib { { if (property_exists($this, $key)) { - if (in_array($key, array('wm_font_color', 'wm_shadow_color'))) + if (in_array($key, array('wm_font_color', 'wm_shadow_color'), TRUE)) { if (preg_match('/^#?([0-9a-f]{3}|[0-9a-f]{6})$/i', $val, $matches)) { @@ -478,6 +478,10 @@ class CI_Image_lib { continue; } } + elseif (in_array($key, array('width', 'height'), TRUE) && ! ctype_digit((string) $val)) + { + continue; + } $this->$key = $val; } @@ -862,27 +866,28 @@ class CI_Image_lib { if ($action === 'crop') { - $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1'; + $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis; } elseif ($action === 'rotate') { - $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') - ? '-flop' : '-rotate '.$this->rotation_angle; - - $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? ' -flop' + : ' -rotate '.$this->rotation_angle; } else // Resize { if($this->maintain_ratio === TRUE) { - $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height; } else { - $cmd .= ' -resize '.$this->width.'x'.$this->height.'\! "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height.'\!'; } } + $cmd .= ' "'.escapeshellarg($this->full_src_path).'" "'.escapeshellarg($this->full_dst_path).'" 2>&1'; + $retval = 1; // exec() might be disabled if (function_usable('exec')) |