From b554aaa28234f60010fc40682cc8ce72b2845273 Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Tue, 20 Sep 2022 15:02:12 -0400 Subject: [PATCH 1/7] escape problematic parts of url --- Thumbnailer.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index fd94b33..abec920 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -125,8 +125,8 @@ public function get( $url = Yii::getAlias("{$host}{$url}"); } - $entities = array('%2F', '%3A'); - $replacements = array("/", ':'); + $entities = array('%2F', '%3A', '?', '=', '&'); + $replacements = array("/", ':', '-', '-', '-'); $testUrl = str_replace($entities, $replacements, urlencode($url)); if (!filter_var($testUrl, FILTER_VALIDATE_URL)) { throw new InvalidArgumentException(Yii::t('app', $testUrl.' expects a valid URL')); From 985d0afad6d580232fbff13083f8be56d8728bbf Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Tue, 20 Sep 2022 15:12:59 -0400 Subject: [PATCH 2/7] try again to fix filename problems --- Thumbnailer.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index abec920..bb944f5 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -20,6 +20,7 @@ use yii\helpers\Url; use yii\imagine\Image as Imagine; use yii\caching\CacheInterface; +use yii\helpers\Inflector; /** * Image thumbnailer for Yii2. @@ -125,8 +126,8 @@ public function get( $url = Yii::getAlias("{$host}{$url}"); } - $entities = array('%2F', '%3A', '?', '=', '&'); - $replacements = array("/", ':', '-', '-', '-'); + $entities = array('%2F', '%3A'); + $replacements = array("/", ':'); $testUrl = str_replace($entities, $replacements, urlencode($url)); if (!filter_var($testUrl, FILTER_VALIDATE_URL)) { throw new InvalidArgumentException(Yii::t('app', $testUrl.' expects a valid URL')); @@ -247,7 +248,7 @@ protected function generateThumbnail( $ignore_certificate = false ) { - $filename = basename($url); + $filename = uniqid(Inflector::slug(basename($url))); $thumbnailPath = Yii::getAlias("$this->thumbnailsPath/{$width}x{$height}/{$filename}"); try { From 874fde3a01f2fe3c6c80f6e518c348d2f8d532d2 Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Wed, 21 Sep 2022 14:38:01 -0400 Subject: [PATCH 3/7] ... --- Thumbnailer.php | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index bb944f5..d409fe0 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -248,8 +248,26 @@ protected function generateThumbnail( $ignore_certificate = false ) { - $filename = uniqid(Inflector::slug(basename($url))); - $thumbnailPath = Yii::getAlias("$this->thumbnailsPath/{$width}x{$height}/{$filename}"); + $urlparts = parse_url($url); + $hash = ($urlparts['query'] ?? null) ? ('-'.md5($urlparts['query'])) : ''; + if($urlparts['path'] ?? null) + { + $path = $urlparts['path']; + $filename = pathinfo($path)['filename'] ?? null; + $filename = $filename ? Inflector::slug($filename) : null; + $extension = pathinfo($path)['extension'] ?? null; + } + if(!$filename) + { + $filename = uniqid('thumbnail-'); + } + if(! $extension) + { + $contentType = FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($uri,true))['content-type']) ?? null); + $extension = $contentType ? (current( FileHelper::getExtensionsByMimeType($contentType)) ?? 'jpg') : 'jpg'; + } + + $thumbnailPath = Yii::getAlias("$this->thumbnailsPath/{$width}x{$height}/{$filename}{$hash}.{$extension}"); try { if ($ignore_certificate){ From 6e363064043308f08f784fe6078ad8d0c9af04f7 Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Wed, 21 Sep 2022 15:08:41 -0400 Subject: [PATCH 4/7] ... --- Thumbnailer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index d409fe0..4112917 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -263,7 +263,7 @@ protected function generateThumbnail( } if(! $extension) { - $contentType = FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($uri,true))['content-type']) ?? null); + $contentType = @FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($uri,true))['content-type']) ?? null); $extension = $contentType ? (current( FileHelper::getExtensionsByMimeType($contentType)) ?? 'jpg') : 'jpg'; } From b27c39520a437e643902c9bf4d565a8619637d58 Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Wed, 21 Sep 2022 15:09:54 -0400 Subject: [PATCH 5/7] ... --- Thumbnailer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index 4112917..15dc3dc 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -263,7 +263,7 @@ protected function generateThumbnail( } if(! $extension) { - $contentType = @FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($uri,true))['content-type']) ?? null); + $contentType = @FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($url,true))['content-type']) ?? null); $extension = $contentType ? (current( FileHelper::getExtensionsByMimeType($contentType)) ?? 'jpg') : 'jpg'; } From 70d61ffb8461a41b92f198907150a8d4f339f91b Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Wed, 21 Sep 2022 15:13:41 -0400 Subject: [PATCH 6/7] ... --- Thumbnailer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index 15dc3dc..c775744 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -266,7 +266,7 @@ protected function generateThumbnail( $contentType = @FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($url,true))['content-type']) ?? null); $extension = $contentType ? (current( FileHelper::getExtensionsByMimeType($contentType)) ?? 'jpg') : 'jpg'; } - + Yii::warning(['filename' => $filename, 'extension' => $extension, 'hash' => $hash, 'urlparts' => $urlparts],"Generating Thumbnail based on $url"); $thumbnailPath = Yii::getAlias("$this->thumbnailsPath/{$width}x{$height}/{$filename}{$hash}.{$extension}"); try { From 62fadd6528d8d06131ef88efb00299bfd0d89578 Mon Sep 17 00:00:00 2001 From: David Baltusavich Date: Wed, 21 Sep 2022 15:24:37 -0400 Subject: [PATCH 7/7] ... --- Thumbnailer.php | 4 +++- composer.json | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/Thumbnailer.php b/Thumbnailer.php index c775744..362609b 100755 --- a/Thumbnailer.php +++ b/Thumbnailer.php @@ -21,6 +21,7 @@ use yii\imagine\Image as Imagine; use yii\caching\CacheInterface; use yii\helpers\Inflector; +use Mimey\MimeTypes; /** * Image thumbnailer for Yii2. @@ -263,8 +264,9 @@ protected function generateThumbnail( } if(! $extension) { + $mimes = new MimeTypes; $contentType = @FileHelper::getMimeType($url) ?: ((array_change_key_case(get_headers($url,true))['content-type']) ?? null); - $extension = $contentType ? (current( FileHelper::getExtensionsByMimeType($contentType)) ?? 'jpg') : 'jpg'; + $extension = $contentType ? ($mimes->getExtension($contentType) ?? 'jpg') : 'jpg'; } Yii::warning(['filename' => $filename, 'extension' => $extension, 'hash' => $hash, 'urlparts' => $urlparts],"Generating Thumbnail based on $url"); $thumbnailPath = Yii::getAlias("$this->thumbnailsPath/{$width}x{$height}/{$filename}{$hash}.{$extension}"); diff --git a/composer.json b/composer.json index 64f36b0..c63d66f 100755 --- a/composer.json +++ b/composer.json @@ -12,7 +12,8 @@ ], "require": { "yiisoft/yii2": "*", - "yiisoft/yii2-imagine": "~2.2.0" + "yiisoft/yii2-imagine": "~2.2.0", + "ralouphie/mimey": "*" }, "autoload": { "psr-4": {