APNG detecting
This commit is contained in:
parent
5a2d4e842b
commit
74dd1bc1d1
|
|
@ -126,6 +126,7 @@ if (!$cache_loaded) {
|
|||
} else {
|
||||
$cf['I0_USER_IP'] = $_SERVER['REMOTE_ADDR'];
|
||||
}
|
||||
$cf['I0_DISABLE_APNG'] = false; // Disable APNG upload if you don't want anyone to abuse CSAM
|
||||
|
||||
|
||||
// --------------------------------------- CSS styles ---------------------------------------
|
||||
|
|
|
|||
|
|
@ -163,6 +163,32 @@ class Upload {
|
|||
$this->attachments = $attachments;
|
||||
}
|
||||
|
||||
function is_apng($filename)
|
||||
{
|
||||
$f = new SplFileObject($filename, 'rb');
|
||||
$header = $f->fread(8);
|
||||
if ($header !== "\x89PNG\r\n\x1A\n") {
|
||||
return false;
|
||||
}
|
||||
while (!$f->eof()) {
|
||||
$bytes = $f->fread(4);
|
||||
if (strlen($bytes) < 4) {
|
||||
return false;
|
||||
}
|
||||
$length = unpack('N', $bytes)[1];
|
||||
$chunkname = $f->fread(4);
|
||||
switch ($chunkname) {
|
||||
case 'acTL':
|
||||
return true;
|
||||
case 'IDAT':
|
||||
return false;
|
||||
}
|
||||
$f->fseek($length + 4, SEEK_CUR);
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
function ParseEmbed($url) {
|
||||
$sites = array(
|
||||
'you' => "/(?:youtu(?:\.be|be\.com)\/(?:.*v(?:\/|=)|(?:.*\/)?)(?P<code>[\w'-]+))(?:[?#&]t=(?:(?P<h>[0-9]{1,2})h)?(?:(?P<m>[0-9]{1,2})m)?(?:(?P<s>[0-9]{1,2})s)?)?/i",
|
||||
|
|
@ -340,6 +366,11 @@ class Upload {
|
|||
if($thumbs) {
|
||||
$attachment['imgWidth_thumb'] = $thumbs['thumbwidth'];
|
||||
$attachment['imgHeight_thumb'] = $thumbs['thumbheight'];
|
||||
if (I0_DISABLE_APNG) {
|
||||
if ($this->is_apng($attachment['tmp_name'])){
|
||||
$this->exitWithUploadErrorPage(_gettext('Uploading APNG is disabled'), $atype, $i, $filename);
|
||||
}
|
||||
}
|
||||
$move_result = move_uploaded_file($attachment['tmp_name'], $attachment['file_location']);
|
||||
if (!$move_result) {
|
||||
$this->exitWithUploadErrorPage(_gettext('Could not copy uploaded image.'), $atype, $i, $filename);
|
||||
|
|
@ -353,7 +384,11 @@ class Upload {
|
|||
else {
|
||||
$attachment['file_thumb_location'] = KU_BOARDSDIR . $board_class->board['name'] . '/thumb/' . $attachment['file_name'] . 's' . $attachment['file_type'];
|
||||
$attachment['file_thumb_cat_location'] = KU_BOARDSDIR . $board_class->board['name'] . '/thumb/' . $attachment['file_name'] . 'c' . $attachment['file_type'];
|
||||
|
||||
if (I0_DISABLE_APNG) {
|
||||
if ($this->is_apng($attachment['tmp_name'])){
|
||||
$this->exitWithUploadErrorPage(_gettext('Uploading APNG is disabled'), $atype, $i, $filename);
|
||||
}
|
||||
}
|
||||
if (!move_uploaded_file($attachment['tmp_name'], $attachment['file_location'])) {
|
||||
$this->exitWithUploadErrorPage(_gettext('Could not copy uploaded image.'), $atype, $i, $filename);
|
||||
}
|
||||
|
|
@ -470,7 +505,11 @@ class Upload {
|
|||
unlink($attachment['file_location'].".tmp");
|
||||
}
|
||||
}
|
||||
|
||||
if (I0_DISABLE_APNG) {
|
||||
if ($this->is_apng($attachment['tmp_name'])){
|
||||
$this->exitWithUploadErrorPage(_gettext('Uploading APNG is disabled'), $atype, $i, $filename);
|
||||
}
|
||||
}
|
||||
/* Move the file from the post data to the server */
|
||||
if (!move_uploaded_file($attachment['tmp_name'], $attachment['file_location'])) {
|
||||
$this->exitWithUploadErrorPage(_gettext('Could not copy uploaded image.'), $atype, $i, $filename);
|
||||
|
|
|
|||
Loading…
Reference in New Issue