From 354433a33946ae7497c3eab291eaaf814bccbfab Mon Sep 17 00:00:00 2001 From: nicolaasuni Date: Sun, 2 Aug 2015 13:30:27 +0100 Subject: [PATCH] 6.2.11 (2015-08-02) - Bug #1070 "PNG regression in 6.2.9 (they appear as their alpha channel)" was fixed. - Bug #1069 "Encoded SRC URLs in tags don't work anymore" was fixed. --- CHANGELOG.TXT | 4 ++ README.TXT | 6 +- composer.json | 2 +- include/tcpdf_static.php | 139 +++++++++++++++++++++------------------ tcpdf.php | 3 +- 5 files changed, 86 insertions(+), 68 deletions(-) diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT index bea656f..6c2f132 100644 --- a/CHANGELOG.TXT +++ b/CHANGELOG.TXT @@ -1,3 +1,7 @@ +6.2.11 (2015-08-02) + - Bug #1070 "PNG regression in 6.2.9 (they appear as their alpha channel)" was fixed. + - Bug #1069 "Encoded SRC URLs in tags don't work anymore" was fixed. + 6.2.10 (2015-07-28) - Minor mod to PNG parsing. - Make dependency on mcrypt optional. diff --git a/README.TXT b/README.TXT index 3793d10..19ec8c4 100644 --- a/README.TXT +++ b/README.TXT @@ -4,12 +4,13 @@ TCPDF - README I WISH TO IMPROVE AND EXPAND TCPDF BUT I NEED YOUR SUPPORT. PLEASE MAKE A DONATION: http://sourceforge.net/donate/index.php?group_id=128076 +or via PayPal at paypal@tecnick.com ------------------------------------------------------------ Name: TCPDF -Version: 6.2.10 -Release date: 2015-07-28 +Version: 6.2.11 +Release date: 2015-08-02 Author: Nicola Asuni Copyright (c) 2002-2015: @@ -20,6 +21,7 @@ Copyright (c) 2002-2015: URLs: http://www.tcpdf.org http://www.sourceforge.net/projects/tcpdf + https://github.com/tecnickcom/TCPDF Description: TCPDF is a PHP class for generating PDF files on-the-fly without requiring external extensions. diff --git a/composer.json b/composer.json index a7bff18..69e780a 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,6 @@ { "name": "tecnick.com/tcpdf", - "version": "6.2.10", + "version": "6.2.11", "homepage": "http://www.tcpdf.org/", "type": "library", "description": "TCPDF is a PHP class for generating PDF documents and barcodes.", diff --git a/include/tcpdf_static.php b/include/tcpdf_static.php index 3e6085e..8c66abc 100644 --- a/include/tcpdf_static.php +++ b/include/tcpdf_static.php @@ -55,7 +55,7 @@ class TCPDF_STATIC { * Current TCPDF version. * @private static */ - private static $tcpdf_version = '6.2.10'; + private static $tcpdf_version = '6.2.11'; /** * String alias for total number of pages. @@ -2476,77 +2476,90 @@ class TCPDF_STATIC { * @public static */ public static function fileGetContents($file) { - //$file = html_entity_decode($file); - // array of possible alternative paths/URLs $alt = array($file); - // replace URL relative path with full real server path + // if ((strlen($file) > 1) - AND ($file[0] == '/') - AND ($file[1] != '/') - AND !empty($_SERVER['DOCUMENT_ROOT']) - AND ($_SERVER['DOCUMENT_ROOT'] != '/')) { - $findroot = strpos($file, $_SERVER['DOCUMENT_ROOT']); - if (($findroot === false) OR ($findroot > 1)) { - if (substr($_SERVER['DOCUMENT_ROOT'], -1) == '/') { - $tmp = substr($_SERVER['DOCUMENT_ROOT'], 0, -1).$file; - } else { - $tmp = $_SERVER['DOCUMENT_ROOT'].$file; - } - $alt[] = htmlspecialchars_decode(urldecode($tmp)); - } + && ($file[0] === '/') + && ($file[1] !== '/') + && !empty($_SERVER['DOCUMENT_ROOT']) + && ($_SERVER['DOCUMENT_ROOT'] !== '/') + ) { + $findroot = strpos($file, $_SERVER['DOCUMENT_ROOT']); + if (($findroot === false) || ($findroot > 1)) { + $alt[] = htmlspecialchars_decode(urldecode($_SERVER['DOCUMENT_ROOT'].$file)); + } } - // URL mode + // + $protocol = 'http'; + if (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) != 'off')) { + $protocol .= 's'; + } + // $url = $file; - // check for missing protocol - if (preg_match('%^/{2}%', $url)) { - if (preg_match('%^([^:]+:)//%i', K_PATH_URL, $match)) { - $url = $match[1].str_replace(' ', '%20', $url); - $alt[] = $url; - } + if (preg_match('%^//%', $url) && !empty($_SERVER['HTTP_HOST'])) { + $url = $protocol.':'.str_replace(' ', '%20', $url); } - $urldata = @parse_url($url); - if (!isset($urldata['query']) OR (strlen($urldata['query']) <= 0)) { - if (K_PATH_URL AND (strpos($url, K_PATH_URL) === 0)) { - // convert URL to full server path - $tmp = str_replace(K_PATH_URL, K_PATH_MAIN, $url); - $tmp = htmlspecialchars_decode(urldecode($tmp)); - $alt[] = $tmp; - } - } - if (isset($_SERVER['SCRIPT_URI'])) { - $urldata = @parse_url($_SERVER['SCRIPT_URI']); - $alt[] = $urldata['scheme'].'://'.$urldata['host'].(($file[0] == '/') ? '' : '/').$file; - } - foreach ($alt as $f) { - $ret = @file_get_contents($f); - if (($ret === FALSE) - AND !ini_get('allow_url_fopen') - AND function_exists('curl_init') - AND preg_match('%^(https?|ftp)://%', $f)) { - // try to get remote file data using cURL - $cs = curl_init(); // curl session - curl_setopt($cs, CURLOPT_URL, $f); - curl_setopt($cs, CURLOPT_BINARYTRANSFER, true); - curl_setopt($cs, CURLOPT_FAILONERROR, true); - curl_setopt($cs, CURLOPT_RETURNTRANSFER, true); - if ((ini_get('open_basedir') == '') AND (!ini_get('safe_mode'))) { - curl_setopt($cs, CURLOPT_FOLLOWLOCATION, true); + $url = htmlspecialchars_decode($url); + $alt[] = $url; + // + if (preg_match('%^(https?)://%', $url) + && empty($_SERVER['HTTP_HOST']) + && empty($_SERVER['DOCUMENT_ROOT']) + ) { + $urldata = parse_url($url); + if (empty($urldata['query'])) { + $host = $protocol.'://'.$_SERVER['HTTP_HOST']; + if (strpos($url, $host) === 0) { + // convert URL to full server path + $tmp = str_replace($host, $_SERVER['DOCUMENT_ROOT'], $url); + $alt[] = htmlspecialchars_decode(urldecode($tmp)); } - curl_setopt($cs, CURLOPT_CONNECTTIMEOUT, 5); - curl_setopt($cs, CURLOPT_TIMEOUT, 30); - curl_setopt($cs, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($cs, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($cs, CURLOPT_USERAGENT, 'TCPDF'); - $ret = curl_exec($cs); - curl_close($cs); - } - if ($ret !== FALSE) { - break; } } - return $ret; + // + if (isset($_SERVER['SCRIPT_URI']) + && !preg_match('%^(https?|ftp)://%', $file) + && !preg_match('%^//%', $file) + ) { + $urldata = @parse_url($_SERVER['SCRIPT_URI']); + return $urldata['scheme'].'://'.$urldata['host'].(($file[0] == '/') ? '' : '/').$file; + } + // + $alt = array_unique($alt); + //var_dump($alt);exit;//DEBUG + foreach ($alt as $path) { + $ret = @file_get_contents($path); + if ($ret !== false) { + return $ret; + } + // try to use CURL for URLs + if (!ini_get('allow_url_fopen') + && function_exists('curl_init') + && preg_match('%^(https?|ftp)://%', $path) + ) { + // try to get remote file data using cURL + $crs = curl_init(); + curl_setopt($crs, CURLOPT_URL, $path); + curl_setopt($crs, CURLOPT_BINARYTRANSFER, true); + curl_setopt($crs, CURLOPT_FAILONERROR, true); + curl_setopt($crs, CURLOPT_RETURNTRANSFER, true); + if ((ini_get('open_basedir') == '') && (!ini_get('safe_mode'))) { + curl_setopt($crs, CURLOPT_FOLLOWLOCATION, true); + } + curl_setopt($crs, CURLOPT_CONNECTTIMEOUT, 5); + curl_setopt($crs, CURLOPT_TIMEOUT, 30); + curl_setopt($crs, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($crs, CURLOPT_SSL_VERIFYHOST, false); + curl_setopt($crs, CURLOPT_USERAGENT, 'tc-lib-file'); + $ret = curl_exec($crs); + curl_close($crs); + if ($ret !== false) { + return $ret; + } + } + } + return false; } - } // END OF TCPDF_STATIC CLASS //============================================================+ diff --git a/tcpdf.php b/tcpdf.php index c65d138..6bc504b 100644 --- a/tcpdf.php +++ b/tcpdf.php @@ -1,7 +1,7 @@ ImagePngAlpha($file, $x, $y, $pixw, $pixh, $w, $h, 'PNG', $link, $align, $resize, $dpi, $palign, $filehash); } - $info = false; } if (($info === false) AND function_exists($gdfunction)) { try {