From 5e0cfd96233b84478682053aed29c38e24774a0e Mon Sep 17 00:00:00 2001 From: Devesa Agustín Date: Wed, 8 Jan 2020 14:04:14 -0300 Subject: Update Image_lib.php --- system/libraries/Image_lib.php | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index b595d0f63..0d9fa4420 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2017, British Columbia Institute of Technology + * Copyright (c) 2014 - 2019, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,8 +29,8 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License + * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 * @filesource @@ -835,7 +835,10 @@ class CI_Image_lib { imagedestroy($dst_img); imagedestroy($src_img); - chmod($this->full_dst_path, $this->file_permissions); + if ($this->dynamic_output !== TRUE) + { + chmod($this->full_dst_path, $this->file_permissions); + } return TRUE; } @@ -976,7 +979,7 @@ class CI_Image_lib { $cmd_inner = 'pnmscale -xysize '.$this->width.' '.$this->height; } - $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; + $cmd = $this->library_path.$cmd_in.' '.escapeshellarg($this->full_src_path).' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; $retval = 1; // exec() might be disabled @@ -1208,7 +1211,7 @@ class CI_Image_lib { } // Build the finalized image - if ($wm_img_type === 3 && function_exists('imagealphablending')) + if ($wm_img_type === 3) { @imagealphablending($src_img, TRUE); } @@ -1471,8 +1474,6 @@ class CI_Image_lib { $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_png_not_supported')); return FALSE; } - - return imagecreatefrompng($path); case 18: if ( ! function_exists('imagecreatefromwebp')) { @@ -1480,6 +1481,8 @@ class CI_Image_lib { return FALSE; } return imagecreatefromwebp($path); + + return imagecreatefrompng($path); default: $this->set_error(array('imglib_unsupported_imagecreate')); return FALSE; @@ -1572,7 +1575,16 @@ class CI_Image_lib { */ public function image_display_gd($resource) { - header('Content-Disposition: filename='.$this->source_image.';'); + // RFC 6266 allows for multibyte filenames, but only in UTF-8, + // so we have to make it conditional ... + $filename = basename(empty($this->new_image) ? $this->source_image : $this->new_image); + $charset = strtoupper(config_item('charset')); + $utf8_filename = ($charset !== 'UTF-8') + ? get_instance()->utf8->convert_to_utf8($filename, $charset) + : $filename; + isset($utf8_filename[0]) && $utf8_filename = " filename*=UTF-8''".rawurlencode($utf8_filename); + + header('Content-Disposition: filename="'.$filename.'";'.$utf8_filename); header('Content-Type: '.$this->mime_type); header('Content-Transfer-Encoding: binary'); header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()).' GMT'); -- cgit v1.2.3-24-g4f1b