summaryrefslogtreecommitdiffstats
path: root/system/libraries/Image_lib.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Image_lib.php')
-rw-r--r--system/libraries/Image_lib.php21
1 files changed, 13 insertions, 8 deletions
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index f594b7125..24fe8c68d 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -456,7 +456,7 @@ class CI_Image_lib {
{
if (property_exists($this, $key))
{
- if (in_array($key, array('wm_font_color', 'wm_shadow_color')))
+ if (in_array($key, array('wm_font_color', 'wm_shadow_color'), TRUE))
{
if (preg_match('/^#?([0-9a-f]{3}|[0-9a-f]{6})$/i', $val, $matches))
{
@@ -478,6 +478,10 @@ class CI_Image_lib {
continue;
}
}
+ elseif (in_array($key, array('width', 'height'), TRUE) && ! ctype_digit((string) $val))
+ {
+ continue;
+ }
$this->$key = $val;
}
@@ -862,27 +866,28 @@ class CI_Image_lib {
if ($action === 'crop')
{
- $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1';
+ $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis;
}
elseif ($action === 'rotate')
{
- $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt')
- ? '-flop' : '-rotate '.$this->rotation_angle;
-
- $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1';
+ $cmd .= ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt')
+ ? ' -flop'
+ : ' -rotate '.$this->rotation_angle;
}
else // Resize
{
if($this->maintain_ratio === TRUE)
{
- $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1';
+ $cmd .= ' -resize '.$this->width.'x'.$this->height;
}
else
{
- $cmd .= ' -resize '.$this->width.'x'.$this->height.'\! "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1';
+ $cmd .= ' -resize '.$this->width.'x'.$this->height.'\!';
}
}
+ $cmd .= ' "'.escapeshellarg($this->full_src_path).'" "'.escapeshellarg($this->full_dst_path).'" 2>&1';
+
$retval = 1;
// exec() might be disabled
if (function_usable('exec'))
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-07-23 17:57:20 +0200